IOC Radar
IPMediumSignal 30/100

188.51.224.162

Location
Saudi ArabiaSaudi Arabia
Riyadh, 01
ASN
AS25019
Saudinet
First Seen
Dec 28, 2024
Last Seen
Apr 9, 2026
Dec 28
First Seen
541d ago
Apr 9
Last Seen
74d ago
12
Reports
source reports
30%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
30%
Signal Score
30 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

21 techniques

Network Information

CountrySASaudi Arabia
RegionRiyadh, 01
ASNAS25019
OrganizationSaudinet

Feed Intelligence Summary

12 reports30% confidence
12
Source reports
30%
Confidence score
Category tags
abuseactive scanactive scanningasiaattackaustraliaauthenticationauto-generated securitybad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptcommand and controlcredential accesscredential stuffingctadata exfiltrationdata store exposuredecoy systemdistributed attacksexploitation activityidentity & access exploitationindicatorinjection activitymalicious activitymalicious softwaremalwarenetworknetwork intrusionnetwork securityoceaniapassword attacksprocess injectionreconnaissanceremote accessremote servicesresearchedsaudi arabiascannerssh attackt1021.004t1055t1071.001t1078t1078.002t1110t1110.001t1110.002t1110.003t1110.004t1486t1496t1499.002t1499.003t1555t1565t1589t1589.002t1595.001t1595.002t1595.003threat actorthreat intelligencetor node

Activity Timeline

1 total obs
Apr 9Apr 9

Threat Activity Heatmap

· Peak: 2026-04-09
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
30
SIGNAL
Signal Score
30%
Confidence
12
Reports
First seenDec 28, 2024
Last seenApr 9, 2026
GeolocationSA
CountrySaudi Arabia
LocationRiyadh, 01
ASNAS25019
OrgSaudinet
Coords24.6569, 46.7179

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 188.51.0.0 - 188.51.255.255 netname: SAUDINET_DSL_POOL descr: DSL HOME Subscribers country: SA admin-c: STCR1-RIPE tech-c: STCR2-RIPE status: ASSIGNED PA mnt-by: SAUDINET-STC mnt-lower: SAUDINET-STC mnt-routes: SAUDINET-STC created: 2010-05-12T11:35:07Z last-modified: 2010-05-12T11:35:07Z source: RIPE role: Saudi Telecom Co. Registry Admin-C contact address: STC complex, murslat, Riyadh address: P.O.Box: 295997 address: Riyadh 11351 address: Saudi Arabia phone: +966-11-4525020 fax-no: +966114433639 abuse-mailbox: [email protected] admin-c: AR5383-RIPE tech-c: AR5383-RIPE remarks: For any Abuse or Spamming please send your requests directly to [email protected] mnt-by: SAUDINET-STC nic-hdl: STCR1-RIPE created: 2003-12-29T20:33:34Z last-modified: 2015-11-04T06:35:37Z source: RIPE # Filtered role: Saudi Telecom Co. Registry Tech-C contact address: Murslat Campus, Riyadh address: P.O.Box: 295997 address: Riyadh 11351 address: Saudi Arabia phone: +966114525020 fax-no: +966114433639 abuse-mailbox: [email protected] admin-c: STCR1-RIPE tech-c: STCR1-RIPE remarks: For any Abuse or Spamming please send your requests directly to [email protected] mnt-by: SAUDINET-STC nic-hdl: STCR2-RIPE created: 2003-12-29T20:56:08Z last-modified: 2015-11-04T06:37:15Z source: RIPE # Filtered route: 188.51.224.0/20 descr: Saudinet, Saudi Telecom Company ISP origin: AS25019 mnt-by: SAUDINET-STC created: 2017-04-25T05:43:26Z last-modified: 2017-04-25T05:43:26Z source: RIPE
references
https://redpiranha.net

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 12 threat reports