Loading threats
Extracts IPv4 CIDR ranges from the local routing table by piping ip r (ip route) output into a regex-based grep -Eo pattern that matches dotted-quad addresses followed by a subnet mask (e.g., 192.168.0.0/24). The -o flag ensures only the matched CIDR blocks are returned. This is indicative of automated local network discovery to enumerate internal subnets for lateral movement or environment profiling.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 186.96.145.241 | 99% | 28,958 | 27,812 | 🇲🇽 MX | AS22884 | 2026-03-19 |
| 187.191.2.213 | 100% | 5,276 | 1,040 | 🇲🇽 MX | AS22884 | 2026-03-17 |
| 170.64.177.23 | 100% | 941 | 941 | 🇦🇺 AU | AS14061 | 2026-03-15 |
| 62.171.134.145 | 86% | 923 | 97 | 🇩🇪 DE | AS51167 | 2026-02-22 |
| 209.38.24.183 | 99% | 889 | 889 | 🇦🇺 AU | AS14061 | 2026-03-07 |
| 209.38.89.63 | 81% | 243 | 26 | 🇦🇺 AU | AS14061 | 2026-03-06 |
| 184.174.33.105 | 96% | 101 | 101 | 🇫🇷 FR | AS51167 | 2026-03-19 |
| 170.64.191.68 | 98% | 90 | 78 | 🇦🇺 AU | AS14061 | 2026-03-15 |
| 170.64.185.235 | 97% | 83 | 83 | 🇦🇺 AU | AS14061 | 2026-03-07 |
| 176.65.132.7 | 97% | 74 | 74 | 🇩🇪 DE | AS51396 | 2026-03-04 |
| 187.191.2.214 | 88% | 70 | 70 | 🇲🇽 MX | AS22884 | 2026-03-19 |
| 173.212.216.66 | 95% | 32 | 32 | 🇫🇷 FR | AS51167 | 2026-03-02 |
| 170.64.188.24 | 67% | 11 | 11 | 🇦🇺 AU | AS14061 | 2026-03-07 |
| 209.38.18.110 | 79% | 7 | 7 | 🇦🇺 AU | AS14061 | 2026-02-17 |
| 134.199.164.96 | 67% | 5 | 5 | 🇦🇺 AU | AS14061 | 2026-03-07 |