IOC Radar
IP · Medium · Signal 96/100

213.159.75.158

Location: Moldova, Republic of; Coventry, England
ASN: AS209847 (WorkTitans B.V)
First Seen: Dec 29, 2024 (524d ago)
Last Seen: Dec 5, 2025 (184d ago)
Reports: 13 source reports
Confidence: 96% (medium)

Found in 13 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 96%
Signal Score: 96 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

23 techniques

Network Information

Country: MD (Moldova, Republic of)
Region: Coventry, England
ASN: AS209847
Organization: WorkTitans B.V

Feed Intelligence Summary

Source reports: 13
Confidence score: 96%
Category tags
abuse; active scanning; attack; australia; authentication; auto-generated security; botnet; brute force; brute force attack; brute force attempt; command and control; cowrie honeypot; credential access; credential stuffing; cta; data exfiltration; decoy system; distributed attacks; europe; europe/asia; malicious activity; malicious software; malware; moldova, republic of; network; network intrusion; network security; oceania; password attack; password attacks; process injection; proxy; reconnaissance; remote access; remote services; researched; russia; russian federation; scanner; ssh attack; ssh monitoring; t1021.004; t1055; t1071.001; t1078; t1078.002; t1078.004; t1110; t1110.001; t1110.002; t1110.003; t1110.004; t1486; t1496; t1499.002; t1499.003; t1555; t1565; t1588.004; t1589; t1589.002; t1595.001; t1595.002; t1595.003; threat actor; threat intelligence; united kingdom

Activity Timeline

1 total obs
Dec 5

Threat Activity Heatmap

Peak: 2025-12-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 96
Confidence: 96%
Reports: 13
First seen: Dec 29, 2024
Last seen: Dec 5, 2025
Geolocation: MD
Country: Moldova, Republic of
Location: Coventry, England
ASN: AS209847
Org: WorkTitans B.V
Coords: 55.7386, 37.6068

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 213.159.75.0 - 213.159.75.255
netname: STARK
country: GB
geofeed: https://stark-industries.solutions/geofeed.csv
org: ORG-SISL18-RIPE
admin-c: SICK1337-RIPE
tech-c: SICK1337-RIPE
status: ASSIGNED PA
mnt-by: STARK-MNT
created: 2024-08-03T13:42:07Z
last-modified: 2024-08-03T13:42:07Z
source: RIPE

organisation: ORG-SISL18-RIPE
org-name: STARK INDUSTRIES SOLUTIONS LTD.
org-type: OTHER
address: 71-75, Shelton Street
address: Covent Garden
address: London
address: WC2H 9JQ
address: UNITED KINGDOM
phone: +442045770080
abuse-c: SICK1337-RIPE
mnt-ref: STARK-MNT
mnt-ref: MEREZHA-MNT
mnt-ref: MNT-DGTL
mnt-ref: LVNET-MNT
mnt-ref: InterLIR-mnt
mnt-ref: IPSMAIN
mnt-ref: mnt-de-airbit-1
mnt-ref: lir-ae-goldip-1-MNT
mnt-ref: MNT-NETERRA
mnt-by: STARK-MNT
created: 2022-02-11T19:47:43Z
last-modified: 2024-07-25T08:31:11Z
source: RIPE # Filtered

role: Stark Industries Solutions NOC
address: UNITED KINGDOM
address: WC2H 9JQ
address: London
address: Covent Garden
address: 71-75, Shelton Street
phone: +441234416080
abuse-mailbox: [email protected]
remarks:
remarks: **********************************************************
remarks: * For spam/abuse/security issues please contact *
remarks: * [email protected] *
remarks: * The contents of your abuse email will be *
remarks: * forwarded directly on to our client for *
remarks: * handling. *
remarks: **********************************************************
remarks:
remarks: **********************************************************
remarks: * Any questions on Peering/Routing please send to *
remarks: * [email protected] *
remarks: **********************************************************
remarks:
remarks: **********************************************************
remarks: * Any police request please send to *
remarks: * [email protected] *
remarks: **********************************************************
remarks:
nic-hdl: SICK1337-RIPE
mnt-by: STARK-MNT
created: 2022-02-11T01:48:55Z
last-modified: 2022-12-21T20:26:43Z
source: RIPE # Filtered

route: 213.159.75.0/24
origin: AS44477
mnt-by: STARK-MNT
created: 2024-08-03T13:42:07Z
last-modified: 2024-08-03T13:42:07Z
source: RIPE
references
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net

IOC Journey

medium
First detected 1 year ago · Last seen 6 months ago
Appeared in 13 threat reports