IP · Medium · Signal 63/100
84.74.163.210
Location
Glattbrugg, ZH
ASN
AS6730
Cablecommain
First Seen
Feb 7, 2025
Last Seen
Jun 11, 2026
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
63%
Signal Score
63 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Switzerland
Region
Glattbrugg, ZH
ASN
AS6730
Organization
Cablecommain
IP Category
VPN
VPN exit node
Feed Intelligence Summary
24 reports · 63% confidence
24
Source reports
63%
Confidence score
Category tags
abuse, access attempt, access control, active scan, active scanning, aggressive-detection, apt, asia, attack, attacker-ip, australia, authentication abuse, authentication attack, authentication attempt, authentication attempts, authentication failure, automated attack, bad reputation, bad web bot, blacklisted ip, blocklist_all, blog spam, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute force attempts, brute-force, brute-force-ftp, brute-force-ssh, brute-force-web, bruteforce, c2, c2 communication, ch, command & control, command and control, command-injection, communication protocol, compromised host, connection-reset, cowrie data, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database attack, database security, ddos, ddos attack, ddos attempt, ddos participation, decoy system, denial of service, dionaea honeypot, directory-bruteforce, distributed attacks, europe, exploit, exploit activity, exploitation activity, exploited host, external remote services, external threat, fail2ban alerts, fail2ban blocked ip, failed login attempts, fatt, finland, france, ftp, ftp brute force, ftp brute-force, ftp bruteforce, germany, hacking, honeynet connect, honeytrap honeypot, http brute force, http scanner, https, identity & access exploitation, india, indicator, information technology, injection activity, injection attacks, intrusion detection, ioc, iot security, iot targeted, it infrastructure, kill-chain exploitation, kill-chain reconnaissance, kill-chain:exploitation, kill-chain:reconnaissance, lateral movement, login attempt, login failure, low-risk, mailoney honeypot, malicious activity, malicious domain, malicious software, malware, malware behaviour, malware capture, network, network attacks, network brute force, network intrusion, network intrusion attempts, network protocol, network reconnaissance, network scanning, network security, network service scanning, north america, notice, oceania, osint, p0f, password attack, password attacks, password spraying, phishing, phishing attack, phishing trap, ping of death, poland, port-scan, process injection, protocol exploitation, protocol-probing, ransomware, reconnaissance, remote access, remote access attempt, remote login, remote services, researched, resource hijacking, scanner, scanning activity, scripting attacks, security operations, security policy, sensor-tagged, sentrypeer botnet, service scan, sftp attack, smtp brute force, social engineering, socradar honeypot, software development, spam, sql-injection, ssh, ssh attack, ssh monitoring, sweden, t1018, t1021, t1021.001, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.004, t1059.007, t1071, t1071.001, t1076, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1573, t1573.001, t1589, t1589.002, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp protocol, tcp scan, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tlp:white, tor node, tpot, udp port scan, udp scan, unauthorized access attempt, unauthorized access attempts, unauthorized login attempts, united kingdom, united states, valid accounts, voidtrap, voip attack, vpn, vpn ip, web app attack, web application attack, web attack, web exploitation, web spam, web traffic
Activity Timeline (chart; axis label: Jun 11)
Threat Activity Heatmap (chart; rows: Mon, Wed, Fri; scale: Less to More)
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat Score
Medium Risk
63
SIGNAL
Signal Score
63%
Confidence
24
Reports
First seen
Feb 7, 2025
Last seen
Jun 11, 2026
Geolocation
CH
Country
Switzerland
Location
Glattbrugg, ZH
ASN
AS6730
Org
Cablecommain
Coords
47.4300, 8.5718
VPN
VirusTotal
Not checked
WHOIS
- description: Host bruteforcing SSH
- raw:
    inetnum: 84.74.12.0 - 84.74.175.255
    netname: CABLECOMMAIN-NET
    descr: DHCP Scopes
    country: CH
    admin-c: CGRA1-RIPE
    tech-c: CAN6-RIPE
    status: ASSIGNED PA
    mnt-by: AS8404-MNT
    mnt-by: AS6730-MNT
    created: 2009-07-31T10:47:41Z
    last-modified: 2024-10-08T11:42:07Z
    source: RIPE # Filtered

    role: UPC Schweiz GmbH NOC
    address: Sunrise GmbH
    address: Thurgauerstrasse 101B
    address: CH-8152 Glattpark
    address: Switzerland
    abuse-mailbox: [email protected]
    admin-c: CGRA1-RIPE
    tech-c: CGRA1-RIPE
    nic-hdl: CAN6-RIPE
    mnt-by: AS8404-MNT
    created: 2002-01-24T15:48:50Z
    last-modified: 2024-07-09T13:09:50Z
    source: RIPE # Filtered

    role: UPC Schweiz GmbH RIPE Admin
    address: Sunrise GmbH
    address: Thurgauerstrasse 101B
    address: CH-8152 Glattpark
    address: Switzerland
    abuse-mailbox: [email protected]
    admin-c: JW7780-RIPE
    admin-c: IC3646-RIPE
    admin-c: MA9163-RIPE
    tech-c: CAN6-RIPE
    nic-hdl: CGRA1-RIPE
    mnt-by: AS8404-MNT
    created: 2007-12-03T08:21:26Z
    last-modified: 2024-07-09T13:11:05Z
    source: RIPE # Filtered

    route: 84.74.0.0/15
    descr: CH-SUNRISE
    descr: sunrise / ex_UPC
    origin: AS6730
    mnt-by: AS8404-MNT
    mnt-by: AS6730-MNT
    created: 2023-09-04T09:43:50Z
    last-modified: 2023-09-04T09:43:50Z
    source: RIPE
- references:
    https://redpiranha.net
    https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
    https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt
IOC Journey
medium · First detected 1 year ago · Last seen 1 day ago
Appeared in 24 threat reports