IOC Radar
IPMediumSignal 100/100

104.156.155.2

Location
United StatesUnited States
Honolulu, Hawaii
ASN
AS400161
Academy Internet Research Limited Liability Company
First Seen
Jan 31, 2022
Last Seen
Nov 26, 2025
Jan 31
First Seen
1610d ago
Nov 26
Last Seen
214d ago
22
Reports
source reports
99%
Confidence
medium
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

38 techniques

Network Information

CountryUSUnited States
RegionHonolulu, Hawaii
ASNAS400161
OrganizationAcademy Internet Research Limited Liability Company

Feed Intelligence Summary

22 reports99% confidence
22
Source reports
99%
Confidence score
Category tags
abuseabuseipdbacademy_for_internet_research-benignaccess controlaccount compromiseaccount securityactive scanningadministrative accessattackaustraliaauto-generated securityautomated scanautomotive manufacturingbeningbening scannerbotnetbrute forcebrute force attackc2c2 servercertcivil servicescommand and controlcommunication protocolcompromised hostscredential accesscredential harvestingcredential stuffingdata exfiltrationdata theftddosddos attacksdecoy systemdistributed attackselectronics manufacturingfin scangovernment technologyhackingindicatorindustrial automationindustrial iotindustrial productioninternet of thingsintrusion attemptintrusion detectioniociot botnetiot/ics attackipv4malicious activitymalicious softwaremalwaremalware distributionmanufacturing technologymirai botnetnetworknetwork attacksnetwork discoverynetwork enumerationnetwork mappingnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnextraynorth americanull scanoceaniaoperating systemoperating system securitypassword attacksphishing attackpotential vulnerability probingprivilege escalationprocess injectionprocess manufacturingpublic administrationpublic infrastructurepublic policyquality controlreconnaissancereconnaissance activityregulatory agenciesremote accessremote servicesresearchedrtbhscanscannersecurity operationssecurity policyservice discoveryservice enumerationsip scanningsocial engineeringsocradarspamssh attackssh scanningstealth scansupply chain managementsuspected malicious activitysyn scant1018t1021t1021.001t1040t1046t1055t1059t1059.001t1059.004t1069.001t1071t1071.001t1076t1078t1088t1105t1110.001t1110.002t1110.003t1110.004t1133t1190t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1573t1595t1595.001t1595.002t1595.003tcp protocoltelecommunicationsthreat actorthreat intelligencethreat preventionudp port scanunauthorized activityunited statesunited states of americausverified-benignvoipxmas scan

Activity Timeline

1 total obs
Nov 26Nov 26

Threat Activity Heatmap

· Peak: 2025-11-26
Less
More
Mon
Wed
Fri
Jun
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
22
Reports
First seenJan 31, 2022
Last seenNov 26, 2025
GeolocationUS
CountryUnited States
LocationHonolulu, Hawaii
ASNAS400161
OrgAcademy Internet Research Limited Liability Company
Coords21.3113, -157.8620

VirusTotal

Not checked

WHOIS

description
IPV4 hosts detected performing scans on production environment located in Australia.
raw
NetRange: 104.156.155.0 - 104.156.155.255 CIDR: 104.156.155.0/24 NetName: ACDRESEARCH NetHandle: NET-104-156-155-0-1 Parent: NET104 (NET-104-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Academy for Internet Research Limited Liability Company (AIRLL) RegDate: 2022-01-07 Updated: 2022-01-07 Ref: https://rdap.arin.net/registry/ip/104.156.155.0 OrgName: Academy for Internet Research Limited Liability Company OrgId: AIRLL Address: #A1- 5436 Address: 1110 Nuuanu Ave City: Honolulu StateProv: HI PostalCode: 96817 Country: US RegDate: 2021-10-15 Updated: 2023-12-11 Ref: https://rdap.arin.net/registry/entity/AIRLL OrgTechHandle: ABUSE8264-ARIN OrgTechName: Abuse OrgTechPhone: +1-833-439-0956 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ABUSE8264-ARIN OrgTechHandle: ADMIN7921-ARIN OrgTechName: Admin OrgTechPhone: +1-833-439-0956 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ADMIN7921-ARIN OrgAbuseHandle: ABUSE8264-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-833-439-0956 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE8264-ARIN
references
https://redpiranha.net, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://list.rtbh.com.tr/output.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, http://cinsscore.com/list/ci-badguys.txt, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 7 months ago
Appeared in 22 threat reports