IOC Radar
IPMediumSignal 100/100

51.211.165.107

Location
Saudi ArabiaSaudi Arabia
Riyadh, Riyadh Region
ASN
AS25019
STC
First Seen
Nov 4, 2023
Last Seen
Feb 15, 2026
Nov 4
First Seen
958d ago
Feb 15
Last Seen
124d ago
11
Reports
source reports
99%
Confidence
medium
1/91
VirusTotal
detections
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

47 techniques

Network Information

CountrySASaudi Arabia
RegionRiyadh, Riyadh Region
ASNAS25019
OrganizationSTC

Feed Intelligence Summary

11 reports99% confidence
11
Source reports
99%
Confidence score
Category tags
abuseactive scanningadbhoney attacksadbhoney honeypotantispamasiaattackbotnetbrute forcebrute force attackc2c2 communicationcommand and controlcommunication protocolcompromised credentialscompromised systemcowrie honeypotcowrie ssh attackscredential accesscredential harvestingcredential stuffingctadata exfiltrationdatabase securityddos botnetdecoy systemdenial of servicedionaea honeypotdionaea malware analysisdionaea malware collectiondistributed attackselasticpot honeypotelasticsearch monitoringexploitftpftp brute forceheralding attack patternhttp c2http scannerhttpsimapindicatorirc botnetlateral movementlog4jmailoney email attacksmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distributionnetworknetwork intrusionnetwork scanningnetwork securitypassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationpython script activityreconnaissanceresearchedresource hijackingsasaudi arabiascannersentrypeer botnetsftp attacksmtpsocial engineeringssh attackssh monitoringt1016t1018t1021t1021.002t1040t1041t1046t1055t1059t1059.004t1068t1071t1071.001t1078t1083t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1195.001t1199t1203t1204.002t1486t1496t1497t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1573t1583.001t1588t1592t1595t1595.001t1595.002t1595.003tannertanner web attackstelecommunicationstelnet threatthreat actorthreat intelligencetraffic anomalyvoipvoip attackweb application attackweb exploitationweb traffic

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
11
Reports
First seenNov 4, 2023
Last seenFeb 15, 2026
GeolocationSA
CountrySaudi Arabia
LocationRiyadh, Riyadh Region
ASNAS25019
OrgSTC
Coords24.6869, 46.7224

VirusTotal

1/ 91vendors flagged
1% detection rateJun 8, 2026

WHOIS

raw
inetnum: 51.211.0.0 - 51.211.255.255 netname: SA-STC-19930901 country: SA org: ORG-SSTC1-RIPE admin-c: STCR1-RIPE tech-c: STCR2-RIPE status: ALLOCATED PA remarks: For any Abuse or Spam Please send an email to abuse @saudi.net.sa mnt-by: RIPE-NCC-HM-MNT mnt-by: SAUDINET-STC mnt-routes: SAUDINET-STC created: 2015-05-29T10:36:18Z last-modified: 2020-10-06T08:34:35Z source: RIPE organisation: ORG-SSTC1-RIPE org-name: Saudi Telecom Company JSC country: SA org-type: LIR address: P.O Box 295997 address: 11351 address: Riyadh address: SAUDI ARABIA phone: +966114525020 fax-no: +966114433639 admin-c: STCR1-RIPE mnt-ref: SAUDINET-STC mnt-ref: RIPE-NCC-HM-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: SAUDINET-STC abuse-c: STCR2-RIPE created: 2004-04-17T12:01:55Z last-modified: 2020-12-16T12:32:06Z source: RIPE # Filtered role: Saudi Telecom Co. Registry Admin-C contact address: STC complex, murslat, Riyadh address: P.O.Box: 295997 address: Riyadh 11351 address: Saudi Arabia phone: +966-11-4525020 fax-no: +966114433639 abuse-mailbox: [email protected] admin-c: AR5383-RIPE tech-c: AR5383-RIPE remarks: For any Abuse or Spamming please send your requests directly to [email protected] mnt-by: SAUDINET-STC nic-hdl: STCR1-RIPE created: 2003-12-29T20:33:34Z last-modified: 2015-11-04T06:35:37Z source: RIPE # Filtered role: Saudi Telecom Co. Registry Tech-C contact address: Murslat Campus, Riyadh address: P.O.Box: 295997 address: Riyadh 11351 address: Saudi Arabia phone: +966114525020 fax-no: +966114433639 abuse-mailbox: [email protected] admin-c: STCR1-RIPE tech-c: STCR1-RIPE remarks: For any Abuse or Spamming please send your requests directly to [email protected] mnt-by: SAUDINET-STC nic-hdl: STCR2-RIPE created: 2003-12-29T20:56:08Z last-modified: 2015-11-04T06:37:15Z source: RIPE # Filtered route: 51.211.160.0/21 descr: Saudinet, Saudi Telecom Company ISP origin: AS25019 mnt-by: SAUDINET-STC created: 2016-10-20T09:56:44Z last-modified: 2016-10-20T09:56:44Z source: RIPE
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 4 months ago
Appeared in 11 threat reports