IOC Radar
IPMediumSignal 66/100

64.94.159.255

Location
United StatesUnited States
San Francisco, California
ASN
AS399628
IMR
First Seen
Mar 26, 2026
Last Seen
Jun 9, 2026
Mar 26
First Seen
76d ago
Jun 9
Last Seen
2d ago
6
Reports
source reports
66%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
66%
Signal Score
66 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

4 techniques

Network Information

CountryUSUnited States
RegionSan Francisco, California
ASNAS399628
OrganizationIMR

Feed Intelligence Summary

6 reports66% confidence
6
Source reports
66%
Confidence score
Category tags
abuseactive scanactive scanningaustraliabad reputationbrute forcebrute-forceexploitation activityhackingindicatoriot securityiot targetednetworknorth americaoceaniareconnaissanceresearchedscanscannersipssht1595t1595.001t1595.002t1595.003united statesusweb app attack

Activity Timeline

1 total obs
Jun 9Jun 9

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
66
SIGNAL
Signal Score
66%
Confidence
6
Reports
First seenMar 26, 2026
Last seenJun 9, 2026
GeolocationUS
CountryUnited States
LocationSan Francisco, California
ASNAS399628
OrgIMR
Coords37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
IPV4 hosts detected performing scans on production environment located in Australia.
raw
NetRange: 64.94.159.0 - 64.94.159.255 CIDR: 64.94.159.0/24 NetName: SIXMA NetHandle: NET-64-94-159-0-1 Parent: NET64 (NET-64-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Internet Measurement Research (SIXMA) RegDate: 2023-09-12 Updated: 2023-09-12 Ref: https://rdap.arin.net/registry/ip/64.94.159.0 OrgName: Internet Measurement Research OrgId: SIXMA Address: 1390 Market Street City: San Francisco StateProv: CA PostalCode: 94102 Country: US RegDate: 2021-03-26 Updated: 2021-07-23 Ref: https://rdap.arin.net/registry/entity/SIXMA OrgAbuseHandle: IMRAB-ARIN OrgAbuseName: IMR Abuse OrgAbusePhone: +1-510-397-8544 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/IMRAB-ARIN OrgTechHandle: IMRNO-ARIN OrgTechName: IMR NOC OrgTechPhone: +1-510-397-8544 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/IMRNO-ARIN OrgNOCHandle: IMRNO-ARIN OrgNOCName: IMR NOC OrgNOCPhone: +1-510-397-8544 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/IMRNO-ARIN
references
https://redpiranha.net

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 2 days ago
Appeared in 6 threat reports