IOC Radar
IP · Low · Signal 40/100

179.61.253.45

Location: United States (Paris, IL)
First Seen: Apr 23, 2024 (781d ago)
Last Seen: Oct 6, 2025 (250d ago)
Reports: 15 source reports
Confidence: 40% (low)
VirusTotal: 0/91 detections
Found in 15 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 40%
Signal Score: 40 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

34 techniques

Network Information

Country: US (United States)
Region: Paris, IL

Feed Intelligence Summary

15 source reports · 40% confidence score
Category tags:
abuse, access control, active scanning, attack, authentication attack, authentication failures, automated attacks, botnet, brute force, brute force attack, brute force attempts, brute-forc, command and control, communication protocol, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, de, decoy system, distributed attacks, drive-by compromise, europe, exploitation attempts, fail2ban alerts, ftp, ftp brute force, germany, honeytrap honeypot, indicator, info, intrusion detection, lamp, lamp attack, login attack, login brute force, login failure, mailoney attack, mailoney honeypot, malicious activity, malicious software, malware, network, network attacks, network intrusion attempts, network probing, network scanning, network security, network service scanning, north america, notice, password attacks, password cracking, phishing, phishing attack, phishing trap, process injection, protocol exploitation, reconnaissance, remote services, researched, scan, scanner, security operations, security policy, sftp attack, smtp, social engineering, ssh attack, ssh monitoring, t1021, t1040, t1041, t1047, t1053.005, t1055, t1059, t1059.004, t1071.001, t1078, t1078.001, t1078.002, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, unauthorized access attempts, united kingdom, united states, web login, web server attacks

Activity Timeline

1 total obs · Oct 6

Threat Activity Heatmap

Peak: 2025-10-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Threat Score: Medium Risk
Signal Score: 40
Confidence: 40%
Reports: 15
First seen: Apr 23, 2024
Last seen: Oct 6, 2025
Geolocation: US
Country: United States
Location: Paris, IL
Coords: 41.8764, -87.6133

VirusTotal

0/91 vendors flagged
0% detection rate · Jun 8, 2026

WHOIS

description
2025-02-01T01:31:19.821Z Honeypot : Cowrie : Source: 179.61.253.45 Data: Connection lost after 1.8 seconds
raw
inetnum: 179.61.253.0 - 179.61.253.255
netname: Unesty
org: ORG-UC62-RIPE
country: DE
admin-c: NU834
tech-c: NU834
abuse-c: AR834
status: ASSIGNED PA
mnt-by: netutils-mnt
created: 2023-04-07T11:55:22Z
last-modified: 2025-02-12T15:16:31Z
source: RIPE

organisation: ORG-UC62-RIPE
org-name: Unesty Company
org-type: OTHER
address: Geschwister-Scholl-Platz, 09648 Mittweida, Germany
abuse-c: ACRO41149-RIPE
mnt-ref: IPXO-MNT
mnt-by: UNESTY-MNT
created: 2022-04-23T13:50:28Z
last-modified: 2022-04-23T13:50:28Z
source: RIPE # Filtered

role: Internet Utilities Admin/Tech Contact
address: 6th Floor 9 Appold Street London, EC2A 2AP
nic-hdl: NU834
mnt-by: netutils-mnt
created: 2024-08-23T10:12:32Z
last-modified: 2024-08-23T10:12:32Z
source: RIPE # Filtered

route: 179.61.253.0/24
origin: AS211301
mnt-by: netutils-mnt
created: 2023-04-05T18:17:41Z
last-modified: 2025-02-12T14:02:05Z
source: RIPE
references
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce


IOC Journey

low
First detected 2 years ago · Last seen 8 months ago
Appeared in 15 threat reports