IOC Radar
IP · Medium · Signal 69/100

45.56.126.58

Location: United States (Richardson, TX)
ASN: AS63949 (Linode)
First Seen: Oct 7, 2025 (257d ago)
Last Seen: Apr 28, 2026 (54d ago)
Reports: 21 source reports
Confidence: 69% (medium)
Found in 21 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 69%
Signal Score: 69 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

43 techniques

Network Information

Country: US (United States)
Region: Richardson, TX
ASN: AS63949
Organization: Linode

Feed Intelligence Summary

Source reports: 21
Confidence score: 69%
Category tags: abuse, account compromise, active scan, active scanning, apache, apache attacker, apt, attack, attacker ip, australia, authentication attempts, authentication failure, bad reputation, bad web bot, blog spam, botnet, botnet activity, brute force, brute force attack, brute force attempts, brute-force, brute-force attack, cisco, cisco device, cisco device targeting, cloud infrastructure, cloud infrastructure attack, cloud services, command injection, communication protocol, cowrie, cowrie honeypot, cowrie interactions, cowrie ssh honeypot, credential access, credential attack, credential brute-force, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, database security, ddos, decoy system, default credential abuse, denial of service, device management, digital ocean, dionaea, dionaea honeypot, dionaea interactions, dns, dns attack, encryption, enterprise networking, exploit, exploitation, exploitation activity, exploitation attempt, exploitation attempts, exploited host, external threat, fatt, fatt signatures, ftp, ftp brute force, hacking, honeytrap honeypot, honeytrap interactions, http brute force, http probing, http scanner, http scanning, http/s, identity & access exploitation, indicator, infrastructure scanning, initial access, injection activity, injection attacks, internet facing, internet-facing, ioc, iot attack, iot device exploitation, iot device targeting, iot security, lamp, lamp server attack, lamp stack attack, lamp stack targeting, lateral movement, linux server, login, login attack, login attempts, mailoney honeypot, mailoney interactions, malicious activity, malicious login attempts, malicious payload detection, malicious software, malware, malware behaviour, malware capture, modbus, mssql, mssql brute force, network, network attacks, network discovery, network infrastructure, network intrusion attempts, network intrusion detection, network probe, network probing, network protocol, network reconnaissance, network scan, network scanning, network security, north america, oceania, opencti, p0f, p0f signatures, password attack, password attacks, password cracking, phishing, phishing attack, phishing trap, portscan, possible botnet activity, possible exploit attempt, possible mirai variant, potential exploit activity, process injection, protocol exploitation, ransomware, reconnaissance, remote access, remote access attempt, remote services, researched, resource hijacking, scanner, scanners, scanning activity, scripting attacks, security operations, sensor-tagged, sentrypeer botnet, sentrypeer interactions, server exploitation, service scan, sftp, sftp activity, sftp attack, smb brute force, smtp, smtp probing, social engineering, socradar honeypot, spam, sql injection, ssh, ssh attack, ssh monitoring, suricata alerts, t-pot, t1018, t1021, t1021.001, t1021.002, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.007, t1071, t1071.001, t1076, t1077, t1078, t1083, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1555, t1563, t1565, t1566.001, t1566.002, t1566.003, t1589, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner interactions, targeting database, tcp protocol, telecommunications, telnet, telnet threat, threat actor, threat detection, threat intelligence, tor node, tpot, udp port scan, unauthorized access, unauthorized login, united states, us, voip, voip attack, vultr, web application attack, web application attacks, web attack, web exploitation, web spam, web traffic

Activity Timeline

1 total obs: Apr 28

Threat Activity Heatmap

Peak: 2026-04-28
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 69
Confidence: 69%
Reports: 21
First seen: Oct 7, 2025
Last seen: Apr 28, 2026
Geolocation: US
Country: United States
Location: Richardson, TX
ASN: AS63949
Org: Linode
Coords: 32.9473, -96.7028

VirusTotal

Not checked

WHOIS

raw:
Akamai Technologies, Inc. LINODE-US (NET-45-56-64-0-1) 45.56.64.0 - 45.56.127.255
Linode LINODE (NET-45-56-64-0-2) 45.56.64.0 - 45.56.127.255

references:
https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-02-26/
https://jamesbrine.com.au
https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-02-23/
https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-02-22/
https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-02-22/
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 8 months ago · Last seen 1 month ago
Appeared in 21 threat reports