IOC Radar
IPMediumSignal 71/100

173.31.192.19

Location
United StatesUnited States
Columbia, MO
ASN
AS30036
MEDIACOM
First Seen
Mar 27, 2025
Last Seen
Feb 15, 2026
Mar 27
First Seen
453d ago
Feb 15
Last Seen
127d ago
14
Reports
source reports
71%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

19 techniques

Network Information

CountryUSUnited States
RegionColumbia, MO
ASNAS30036
OrganizationMEDIACOM

Feed Intelligence Summary

14 reports71% confidence
14
Source reports
71%
Confidence score
Category tags
abuseaccess controlactive scanningattackaustraliabotnetbrute forcebrute force attackbrute force attemptcommand and controlcredential accesscredential stuffingdata exfiltrationdecoy systemdistributed attacksindicatormalicious activitymalicious softwaremalwarenetworknetwork scanningnorth americaoceaniapassword attackpassword attacksprocess injectionreconnaissanceremote accessresearchedscannersecurity operationssecurity policyssh attackt1055t1071.001t1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1486t1496t1499.002t1499.003t1565t1589t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat intelligencethreat preventionunited states

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
14
Reports
First seenMar 27, 2025
Last seenFeb 15, 2026
GeolocationUS
CountryUnited States
LocationColumbia, MO
ASNAS30036
OrgMEDIACOM
Coords38.9361, -92.3056

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
NetRange: 173.16.0.0 - 173.31.255.255 CIDR: 173.16.0.0/12 NetName: MEDIACOM-RESIDENTIAL-CUST NetHandle: NET-173-16-0-0-1 Parent: NET173 (NET-173-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Mediacom Communications Corp (MCC-244) RegDate: 2008-05-19 Updated: 2012-02-24 Ref: https://rdap.arin.net/registry/ip/173.16.0.0 OrgName: Mediacom Communications Corp OrgId: MCC-244 Address: 1 Mediacom Way City: Mediacom Park StateProv: NY PostalCode: 10918 Country: US RegDate: 2008-02-05 Updated: 2024-06-18 Comment: For abuse issues contact [email protected] Ref: https://rdap.arin.net/registry/entity/MCC-244 ReferralServer: rwhois://rwhois.mediacomcc.com:4321 OrgRoutingHandle: IPOPE24-ARIN OrgRoutingName: IP Operations OrgRoutingPhone: +1-515-559-0300 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/IPOPE24-ARIN OrgTechHandle: NAH5-ARIN OrgTechName: Ahmad, Nisar OrgTechPhone: +1-845-443-2698 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NAH5-ARIN OrgAbuseHandle: MEDIA2-ARIN OrgAbuseName: Mediacom Abuse OrgAbusePhone: +1-845-695-2600 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/MEDIA2-ARIN OrgTechHandle: HCD1-ARIN OrgTechName: Dean, Henry Clay OrgTechPhone: +1-515-559-0223 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/HCD1-ARIN
references
https://redpiranha.net

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 14 threat reports