IOC Radar
IP, Medium, Signal 44/100

57.144.104.34

Location: Denver, Colorado, United States
ASN: AS32934 (Meta Platforms Ireland Limited)
First Seen: May 22, 2025 (387d ago)
Last Seen: Feb 17, 2026 (116d ago)
Reports: 4 source reports
Confidence: 44% (medium)
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 44%
Signal Score: 44 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

82 techniques

Network Information

Country: US (United States)
Region: Denver, Colorado
ASN: AS32934
Organization: Meta Platforms Ireland Limited

Feed Intelligence Summary

Source reports: 4
Confidence score: 44%
Category tags

Activity Timeline

1 total observation (Feb 17)

Threat Activity Heatmap

Peak: 2026-02-17
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: Medium Risk
Signal Score: 44
Confidence: 44%
Reports: 4
First seen: May 22, 2025
Last seen: Feb 17, 2026
Geolocation: US
Country: United States
Location: Denver, Colorado
ASN: AS32934
Org: Meta Platforms Ireland Limited
Coords: 39.7392, -104.9900

VirusTotal

Not checked

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 4 threat reports