Threat Actor Search
Query threat actors across multiple dimensions. Combine filters to find exactly what you're looking for.
Create an account to unlock advanced filters
Sign upResults
31666
Top Countries
US
7865
CN
4490
DE
1574
SG
1365
GB
1310
Top Attack Types
ssh:bruteforce
25204
http:scan
6476
ftp:bruteforce
737
mysql:bruteforce
706
Cloud Providers
DigitalOcean
3218
Microsoft Azure
1298
Amazon Web Services
859
Akamai/Linode
304
Cloudflare
96
Flags
VPN
135
ASN DROP
1034
Known Scanner
259
| IP Address | Behavior | Confidence | Flags | Events | Agents | Country | Hostname | Last Seen |
|---|---|---|---|---|---|---|---|---|
| 176.53.159.196 | proxy_abuser | 76% | 8933 | 3 | TR | — | 2026-07-18 03:10 | |
| 14.103.115.253 | scanner | 76% | 1x | 163 | 3 | CN | — | 2026-07-15 05:16 |
| 103.146.159.173 | credential_harvester | 76% | 1x | 1018 | 3 | HK | — | 2026-07-13 12:20 |
| 183.201.208.25 | scanner | 76% | 1x | 175 | 3 | CN | — | 2026-07-15 02:22 |
| 20.49.0.100 | credential_harvester | 76% | 1322 | 3 | US | — | 2026-07-15 23:59 | |
| 172.178.16.179 | credential_harvester | 76% | 1x | 1643 | 3 | US | — | 2026-07-13 09:42 |
| 80.94.92.234 | interactive_operator | 75% | DROP 1x | 2086 | 3 | RO | — | 2026-07-14 17:38 |
| 103.107.60.45 | credential_harvester | 75% | 1x | 1508 | 3 | IN | — | 2026-07-13 09:19 |
| 178.185.136.57 | credential_harvester | 75% | 1x | 2557 | 3 | RU | — | 2026-07-13 08:55 |
| 103.103.245.7 | credential_harvester | 75% | 1x | 1439 | 3 | HK | — | 2026-07-13 08:49 |
| 195.178.110.227 | interactive_operator | 75% | DROP 1x | 3159 | 3 | BG | — | 2026-07-14 16:57 |
| 177.16.244.39 | credential_harvester | 75% | 1x | 1151 | 3 | BR | — | 2026-07-13 06:37 |
| 161.35.65.86 | credential_harvester | 75% | 1x | 2233 | 3 | DE | — | 2026-07-13 06:12 |
| 78.138.168.46 | opportunistic_bruter | 75% | 1x | 529 | 3 | RU | — | 2026-07-13 19:56 |
| 102.210.149.236 | credential_harvester | 75% | 1x | 1811 | 3 | ZA | — | 2026-07-13 04:39 |
| 130.12.180.51 | data_exfiltrator | 75% | DROP | 6829 | 3 | US | — | 2026-07-15 18:17 |
| 139.59.4.137 | credential_harvester | 75% | 1x | 1432 | 3 | IN | — | 2026-07-13 03:57 |
| 213.230.111.14 | credential_harvester | 75% | 1x | 711 | 3 | UZ | — | 2026-07-13 11:01 |
| 103.187.146.90 | credential_harvester | 75% | 1x | 1509 | 3 | ID | — | 2026-07-13 01:38 |
| 164.92.161.148 | credential_harvester | 75% | 2x | 943 | 3 | DE | — | 2026-06-27 08:55 |
| 103.84.236.222 | credential_harvester | 75% | 1x | 1080 | 3 | IN | — | 2026-07-13 00:02 |
| 43.134.100.175 | web_probe | 74% | 28 | 3 | SG | — | 2026-07-14 08:51 | |
| 45.153.34.149 | credential_harvester | 74% | DROP 1x | 19286 | 3 | NL | — | 2026-07-18 03:14 |
| 185.242.3.195 | reconnaissance | 74% | DROP 1x | 6792 | 3 | NL | — | 2026-07-18 03:08 |
| 125.138.175.113 | credential_harvester | 74% | 1x | 287 | 3 | KR | — | 2026-07-13 21:00 |
Export requires an account
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
SCAN Known legitimate scanner
Nx Corroborated by N external threat feeds