IOC Radar
IPMediumSignal 41/100

185.243.5.129

Location
United StatesUnited States
Newark, CA
ASN
AS23470
Dedires LLC
First Seen
Dec 12, 2024
Last Seen
May 30, 2026
Dec 12
First Seen
559d ago
May 30
Last Seen
25d ago
14
Reports
source reports
41%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
41%
Signal Score
41 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

43 techniques

Network Information

CountryUSUnited States
RegionNewark, CA
ASNAS23470
OrganizationDedires LLC

Feed Intelligence Summary

14 reports41% confidence
14
Source reports
41%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningactor listapi servicesaptasiaattackattacker-ipaustraliaauthenticationauto-generated securityautomated attacksautomated threatsbad reputationbad web botbotnetbotnet activitybotnet detectionbrute forcebrute force attackbrute force attemptsbrute-forcec2 communicationc2 detectionchinaciscocisco devicecommand & controlcommand and controlcommand injectioncommunication protocolcompromised hostcompromised hostscontent deliverycowriecowrie honeypotcowrie interactioncredential accesscredential guessingcredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase securityddosdecoy systemdenial of servicedevice managementdionaeadionaea honeypotdistributed attacksdnsdns attackemailenterprise networkingenumerationeuropeexploitexploitation activityexploited hostfattfrancefraud ordersfraud voipftpftp brute-forcehackinghkhoneytrap honeypothong konghttp scanneridentity & access exploitationindicatorinitial accessinjection activityinjection attacksintrusion detectionioclamplamp exploitation attemptslateral movementlciamailoney honeypotmalicious activitymalicious network activitymalicious softwaremalwaremalware behaviourmalware capturemalware deliverymalware distributionmalware filtermisp threatnetworknetwork activitynetwork anomaliesnetwork exploitationnetwork infrastructurenetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork reconnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnorth americaoceaniaopen threatotx pulsenametip0fpassword attacksphishingphishing attackphishing trappinyinpla unitprocess injectionprotocol exploitationreconnaissanceremote accessresearchedresource hijackingscams & fraudscanscannerscanning hostsscripting attackssecurity operationssecurity policysensor-taggedsentrypeer botnetsftpsftp activitysftp attacksipsip scanningsmtpsocial engineeringsshssh attackssh monitoringt-pott1003t1021t1021.001t1021.002t1021.003t1040t1041t1046t1055t1059t1059.003t1059.004t1059.007t1071t1071.001t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1573t1573.001t1595t1595.001t1595.002t1595.003tannertelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventionti advisorytor nodetpottsocunauthorized access attemptunauthorized scanunit coverunited kingdomunited statesvoipvoip attackvoip servicesvulnerability scanweak credentialsweb apisweb application attackweb applicationsweb attackweb developmentweb exploitationweb hostingweb infrastructureweb servicesweb technologiesweb traffic

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
41
SIGNAL
Signal Score
41%
Confidence
14
Reports
First seenDec 12, 2024
Last seenMay 30, 2026
GeolocationUS
CountryUnited States
LocationNewark, CA
ASNAS23470
OrgDedires LLC
Coords34.0544, -118.2440

VirusTotal

Not checked

WHOIS

raw
inetnum: 185.0.0.0 - 185.255.255.255 netname: IANA-NETBLOCK-185 descr: This network range is not allocated to APNIC. descr: descr: If your whois search has returned this message, then you have descr: searched the APNIC whois database for an address that is descr: allocated by another Regional Internet Registry (RIR). descr: descr: Please search the other RIRs at whois.arin.net or whois.ripe.net descr: for more information about that range. country: AU admin-c: IANA1-AP tech-c: IANA1-AP remarks: For general info on spam complaints email [email protected]. remarks: For general info on hacking & abuse complaints email [email protected]. mnt-by: MAINT-APNIC-AP mnt-lower: MAINT-APNIC-AP status: ALLOCATED PORTABLE last-modified: 2008-09-04T06:51:29Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://redpiranha.net

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 25 days ago
Appeared in 14 threat reports