IOC Radar
IPMediumSignal 35/100

45.58.159.7

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS46844
Sharktech Inc
First Seen
Nov 17, 2024
Last Seen
Apr 2, 2026
Nov 17
First Seen
582d ago
Apr 2
Last Seen
80d ago
14
Reports
source reports
35%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
35%
Signal Score
35 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

50 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS46844
OrganizationSharktech Inc

IP Category

Proxy
Proxy server

Feed Intelligence Summary

14 reports35% confidence
14
Source reports
35%
Confidence score
Category tags
abuseaccessaccess controlactive scanactive scanningadbhoney honeypotapplication reconnaissanceasiaattackback orificebad reputationbad web botbankingblacklist candidatebotnetbotnet activitybrute forcebrute force attackbrute force attemptscms detectioncommand and controlcommand injectioncommunication protocolcowriecowrie activitycowrie honeypotcredential accesscredential harvestingcredential stuffingcredit card servicesdata exfiltrationdata store exposuredatabase securityddosddos attacksdecoy systemdenial of servicedionaeadionaea honeypotdirectory bruteforcingdirectory traversaldistributed attackselasticpot honeypotelasticsearch monitoringemaileuropeexploitation activityfinancefinance and insurancefinancial servicesfinancial technologyftp brute forcegithubgpon formlogingroupshoneytrap honeypothttp scannerhttpsidentity & access exploitationinitial accessinjection activityinjection attacksinternet of thingsintrusion detectioniot botnetiot securityiot/ics attacklamplamp exploitation attemptslamp stack targetinglfimailoney activitymailoney honeypotmalaysiamalicious activitymalicious payloadmalicious softwaremalwaremalware behaviourmalware capturemalware hostingmirai botnetmozinetgear dgnnetherlandsnetworknetwork attacksnetwork intrusion attemptsnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynorth americaowasppassword attackspayment processingphishingphishing attackphishing trapprocess injectionproxypythonransomwarercereconnaissanceresearchedresource hijackingrfiscanscannerscanning activityscriptsecurity policysentrypeer botnetservice probingservice scansftpsftp attacksipsip enumerationsip vulnerability scanningslugsocial engineeringsorasshssh attackssh monitoringssrfsurface webt1016t1021t1021.002t1040t1041t1046t1053.005t1055t1059t1059.001t1059.003t1059.004t1059.005t1059.007t1068t1071t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1203t1204.002t1486t1495.001t1496t1497t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1573t1583t1589t1590t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltelecommunicationsthreat actorthreat detectionthreat intelligencethreat preventiontor nodeudp amplificationunited statesvoipvoip attackvulnerability scanwealth managementweb application attackweb application fingerprintingweb crawlerweb exploitationweb scannerweb trafficxsszgrab

Activity Timeline

1 total obs
Apr 2Apr 2

Threat Activity Heatmap

· Peak: 2026-04-02
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
35
SIGNAL
Signal Score
35%
Confidence
14
Reports
First seenNov 17, 2024
Last seenApr 2, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS46844
OrgSharktech Inc
Coords37.7510, -97.8220
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 45.57.0.0 - 45.65.7.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2021-12-01T15:36:31Z last-modified: 2021-12-01T15:36:31Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
references
https://www.linkedin.com/posts/starlightintel_cybersecurity-cyberattack-rce-activity-7315383737553211392-8PBv?utm_source=share&utm_medium=member_desktop&rcm=ACoAADM4tMgBAoph1aAnRhGdecMXg-lVzkLrxyM, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 14 threat reports