IOC Radar
IP · Medium · Signal 100/100

185.42.12.89

Location
Russia
Nekrasovka, Moscow
ASN
AS44559
IT Hostline Ltd
First Seen
Dec 25, 2024
Last Seen
Feb 23, 2026
Dec 25
First Seen
547d ago
Feb 23
Last Seen
123d ago
10
Reports
source reports
99%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

32 techniques

Network Information

Country: RU (Russia)
Region: Nekrasovka, Moscow
ASN: AS44559
Organization: IT Hostline Ltd

IP Category

Proxy
Proxy server

Feed Intelligence Summary

10 source reports · 99% confidence score
Category tags
abuse, access control, account compromise, account security, active scanning, administrative access, australia, automated scan, botnet, brute force, brute force attack, command and control, communication protocol, credential access, credential stuffing, cta, data exfiltration, ddos attacks, decoy system, distributed attacks, europe/asia, internet of things, intrusion detection, iot botnet, iot/ics attack, ipv4, malicious software, malware, mirai botnet, network, network activity, network attacks, network probing, network scanning, network security, network_reconnaissance, oceania, operating system, operating system security, password attacks, privilege escalation, process injection, proxy, reconnaissance, remote access, remote services, researched, ru, russia, russian federation, scan, scanner, scanning activity, security policy, ssh attack, t1016, t1018, t1021.001, t1021.004, t1040, t1046, t1055, t1059, t1059.001, t1069.001, t1071.001, t1076, t1078, t1088, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1589, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telecommunications, threat intelligence, threat prevention, united arab emirates, voip

Activity Timeline

1 total obs
Feb 23

Threat Activity Heatmap

Peak: 2026-02-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 10
First seen: Dec 25, 2024
Last seen: Feb 23, 2026
Geolocation: RU
Country: Russia
Location: Nekrasovka, Moscow
ASN: AS44559
Org: IT Hostline Ltd
Coords: 55.6945, 37.9239
Proxy

VirusTotal

Not checked

WHOIS

description
IPV4 hosts detected performing scans on production environment located in Australia.
raw
inetnum: 185.42.12.0 - 185.42.12.255
netname: RU-HORIZONMSK-20240222
country: RU
org: ORG-HL343-RIPE
admin-c: HL5120-RIPE
tech-c: HL5120-RIPE
status: ASSIGNED PA
mnt-by: IP-RIPE
created: 2024-02-22T09:18:08Z
last-modified: 2024-02-22T09:18:11Z
source: RIPE

organisation: ORG-HL343-RIPE
org-name: Horizon LLC
address: Malyi Lyovshinskii per., d. 10, podv., pom. IV, kom. 2, of. 88-7
address: 119034 Moscow
address: Russia
abuse-c: HL5120-RIPE
mnt-ref: IP-RIPE
mnt-by: IP-RIPE
org-type: OTHER
created: 2024-02-22T09:16:52Z
last-modified: 2024-02-22T09:17:11Z
source: RIPE # Filtered

role: Horizon LLC
address: Malyi Lyovshinskii per., d. 10, podv., pom. IV, kom. 2, of. 88-7
address: 119034 Moscow
address: Russia
abuse-mailbox: [email protected]
phone: +7 495 0088736
nic-hdl: HL5120-RIPE
mnt-by: IP-RIPE
created: 2024-02-22T09:16:53Z
last-modified: 2024-02-22T09:16:53Z
source: RIPE # Filtered

route: 185.42.12.0/24
origin: AS59425
mnt-by: IP-RIPE
created: 2024-02-22T09:18:12Z
last-modified: 2024-02-22T09:18:12Z
source: RIPE
references
https://redpiranha.net

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 10 threat reports