IOC Radar
IP · Medium · Signal 28/100

46.38.143.170

Location
Iran, Islamic Republic of
Isfahan, Isfahan
ASN
AS204104
Giti Secure Cloud LLC
First Seen
Dec 30, 2024 (539d ago)
Last Seen
Apr 12, 2026 (71d ago)
Reports
10 source reports
Confidence
28% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
28%
Signal Score
28 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

19 techniques

Network Information

Country: IR (Iran, Islamic Republic of)
Region: Isfahan, Isfahan
ASN: AS204104
Organization: Giti Secure Cloud LLC

Feed Intelligence Summary

Source reports: 10
Confidence score: 28%
Category tags
abuse · active scan · active scanning · asia · australia · authentication · auto-generated security · bad reputation · botnet · botnet activity · brute force · brute force attempt · command and control · credential access · credential stuffing · cta · data exfiltration · data store exposure · distributed attacks · europe · exploitation activity · identity & access exploitation · indicator · injection activity · iran · iran, islamic republic of · malicious activity · malicious software · malware · netherlands · network · network security · oceania · password attack · process injection · reconnaissance · remote access · researched · scanner · ssh attack · t1021.004 · t1055 · t1071.001 · t1078 · t1078.004 · t1110 · t1110.001 · t1110.002 · t1110.003 · t1486 · t1496 · t1499.002 · t1499.003 · t1565 · t1588.004 · t1589.002 · t1595.001 · t1595.002 · t1595.003 · threat actor · tor node

Activity Timeline

1 total obs (Apr 12)

Threat Activity Heatmap

Peak: 2026-04-12
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 28
Confidence: 28%
Reports: 10
First seen: Dec 30, 2024
Last seen: Apr 12, 2026
Geolocation: IR
Country: Iran, Islamic Republic of
Location: Isfahan, Isfahan
ASN: AS204104
Org: Giti Secure Cloud LLC
Coords: 52.3824, 4.8995

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 46.38.143.0 - 46.38.143.255
netname: HelixGame
org: ORG-HA1093-RIPE
descr: HelixGame
descr: HelixGame
country: IR
admin-c: HM6845-RIPE
tech-c: HM6845-RIPE
status: ASSIGNED PA
mnt-by: AZMA-MNT
created: 2024-09-16T13:54:39Z
last-modified: 2025-01-16T14:59:23Z
source: RIPE

organisation: ORG-HA1093-RIPE
org-name: HelixGame
org-type: OTHER
descr: HelixGame
descr: helixgame.ir
address: No. 7, Mehrabani alley, Koleyni St, Piroozi St, Tehran
abuse-c: AR74062-RIPE
mnt-ref: AZMA-MNT
mnt-by: lir-ir-giticloud-1-MNT
created: 2024-02-27T19:43:16Z
last-modified: 2024-02-27T19:43:16Z
source: RIPE # Filtered

role: Tech Manager
address: IRAN, ISLAMIC REPUBLIC OF
address: Tehran
address: 1749613187
address: No. 14 , Kalantarian (7/26) Alley , 30 Metri Niroo Havayi St.
phone: +982171057306
nic-hdl: HM6845-RIPE
mnt-by: GITI-MNT
created: 2024-02-06T12:06:40Z
last-modified: 2025-08-09T13:49:31Z
source: RIPE # Filtered

route: 46.38.143.0/24
origin: AS204104
mnt-by: AZMA-MNT
created: 2025-01-16T15:00:38Z
last-modified: 2025-01-16T15:00:38Z
source: RIPE
references
https://redpiranha.net


IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 10 threat reports