IOC Radar
IP · Medium · Signal 29/100

178.23.15.70

Location: Italy (Milan, Tuscany)
ASN: AS44092 (ZeroCould)
First Seen: Mar 27, 2025 (444d ago)
Last Seen: Apr 5, 2026 (70d ago)
Reports: 14 source reports
Confidence: 29% (medium)
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 29%
Signal Score: 29 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

21 techniques

Network Information

Country: IT (Italy)
Region: Milan, Tuscany
ASN: AS44092
Organization: ZeroCould

Feed Intelligence Summary

14 reports · 29% confidence
Source reports: 14
Confidence score: 29%
Category tags: abuse, access control, active scan, active scanning, attack, authentication attack, automated attack, bad reputation, botnet, botnet activity, brute force, brute force attack, command and control, credential access, credential stuffing, data exfiltration, data store exposure, distributed attacks, europe, exploitation activity, ftp brute force, identity & access exploitation, indicator, injection activity, italy, login attack, malicious activity, malicious software, malware, network, network scanning, password attacks, password cracking, process injection, ransomware, reconnaissance, researched, scanner, scanning activity, security policy, socradar honeypot, ssh attack, t1021, t1046, t1055, t1059, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat prevention, tor node, united kingdom

Activity Timeline

1 total observation: Apr 5

Threat Activity Heatmap

Peak: 2026-04-05
[Heatmap: activity by weekday and month, Jun through Jun; scale from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 29
Confidence: 29%
Reports: 14
First seen: Mar 27, 2025
Last seen: Apr 5, 2026
Geolocation: IT
Country: Italy
Location: Milan, Tuscany
ASN: AS44092
Org: ZeroCould
Coords: 42.3532, 13.4024

VirusTotal

Not checked

WHOIS

description: Banned by Fail2Ban [sshd]
raw:

inetnum: 178.23.8.0 - 178.23.15.255
netname: IT-HALSERVICE-20100416
org: ORG-HSS2-RIPE
admin-c: HA4604-RIPE
tech-c: HA4605-RIPE
status: ALLOCATED PA
mnt-by: HALSERVICE-MNT
mnt-by: RIPE-NCC-HM-MNT
created: 2024-01-16T12:44:48Z
last-modified: 2024-01-19T11:43:23Z
source: RIPE
geoloc: 45.471589206663616 9.03616427566168
geofeed: https://gitlab.com/wicnoc/geofeed/-/raw/main/geofeed.csv
country: IT

organisation: ORG-HSS2-RIPE
org-name: HAL Service SpA
country: IT
org-type: LIR
address: REG. TORAME, 16
address: 13011
address: BORGOSESIA
address: ITALY
phone: +39016322183
fax-no: +39016324719
abuse-c: AR15790-RIPE
admin-c: SZ1268-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: HALSERVICE-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: HALSERVICE-MNT
created: 2007-02-05T11:07:53Z
last-modified: 2021-02-03T08:35:03Z
source: RIPE # Filtered

role: HALSERVICE-ADMIN
address: REG. TORAME, 16
address: 13011 BORGOSESIA (VC) - ITALY
admin-c: SZ4653-RIPE
tech-c: PP18761-RIPE
nic-hdl: HA4604-RIPE
mnt-by: HALSERVICE-MNT
created: 2021-03-12T11:50:21Z
last-modified: 2021-03-12T13:54:35Z
source: RIPE # Filtered

role: HALSERVICE-TECH
address: REG. TORAME, 16
address: 13011 BORGOSESIA (VC) - ITALY
admin-c: SZ4653-RIPE
tech-c: PP18761-RIPE
nic-hdl: HA4605-RIPE
mnt-by: HALSERVICE-MNT
created: 2021-03-12T11:55:00Z
last-modified: 2021-03-12T13:55:49Z
source: RIPE # Filtered

route: 178.23.15.0/24
origin: AS44092
mnt-by: HALSERVICE-MNT
created: 2024-01-16T13:23:42Z
last-modified: 2024-01-16T13:23:42Z
source: RIPE

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 14 threat reports