IP · Medium · Signal 81/100
104.234.115.108
Location
Port Edwards, Wisconsin
First Seen
Dec 19, 2024
Last Seen
Feb 6, 2026
Found in 25 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
81%
Signal Score
81 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
United States
Region
Port Edwards, Wisconsin
Organization
CyberOneData LLC
IP Category
Proxy
Proxy server
Feed Intelligence Summary
25 reports · 81% confidence
25
Source reports
81%
Confidence score
Category tags
abuse, access control, active scanning, american express, apache, apache attacker, attack, bad web bot, banking, bening, bening scanner, blacklist candidate, blacklist ip, botnet, brute force, brute force attack, c2 communication, c2 server, canada, command and control, communication protocol, compromised host, compromised hosts, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, credit card services, data exfiltration, data theft, ddos, ddos attacks, decoy system, denial of service, dionaea honeypot, distributed attacks, email, exploited host, finance, finance and insurance, financial services, financial technology, ftp brute force, github, hacking, honeytrap honeypot, http scanner, huawei, indicator, information technology, infrastructure acquisitionreconnaissance, internet of things, intrusion detection, ioc, iot botnet, iot/ics attack, lamp, lamp server target, lamp stack targeting, mailoney honeypot, malicious activity, malicious scan, malicious sftp activity, malicious sip activity, malicious software, malicious ssh activity, malware, malware behaviour, malware capture, malware distribution, manual, mirai botnet, network, network attacks, network enumeration, network probing, network reconnaissance, network security, network traffic analysis, nokia_deepfield-benign, north america, password attacks, payment processing, phishing, phishing attack, phishing trap, potential credential compromise, process injection, protocol exploitation, proxy, proxy protocol, python, reconnaissance, reconnaissance activity, researched, resource hijacking, sans, scan, scanner, scanning activity, security policy, sentrypeer botnet, service probing, sftp, sftp attack, sip, sip brute force, sip scanning, slug, social engineering, socradar honeypot, spam, ssh, ssh attack, ssh monitoring, surface web, t1016, t1021, t1021.001, t1021.002, t1021.006, t1040, t1041, t1046, t1055, t1059, t1059.004, t1071, t1071.001, t1078, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1573, t1573.001, t1587.001, t1589, t1590.001, t1592, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, tcp scan, telecommunication, telecommunications, telnet, threat, threat actor, threat detection, threat intelligence, threat prevention, udp scan, unauthorized network activity, united states, united states of america, us, verified-benign, voip, voip attack, wealth management, web application attack, web exploitation, web scanner, web spam, web traffic, westpac new zealand
Activity Timeline
Feb 6
Threat Activity Heatmap
Peak: 2026-02-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 81
Confidence: 81%
Reports: 25
First seen: Dec 19, 2024
Last seen: Feb 6, 2026
Geolocation: US
Country: United States
Location: Port Edwards, Wisconsin
Org: CyberOneData LLC
Coords: 44.3426, -89.8597
Proxy
VirusTotal
Not checked
WHOIS
- description
- Scans hitting the server at TCP port 8080 HTTP and PROXY. Same IP should not appear more than once in 96 hours in our lists S3#.
- raw
- Velcom VELCOM-16 (NET-104-234-0-0-1) 104.234.0.0 - 104.234.255.255 IPXO LLC 104-234-0-0-17 (NET-104-234-0-0-2) 104.234.0.0 - 104.234.127.255 Internet Utilities NA LLC NETUTILS (NET-104-234-0-0-3) 104.234.0.0 - 104.234.127.255 CyberOneData LLC NET-104-234-115-0-24 (NET-104-234-115-0-1) 104.234.115.0 - 104.234.115.255
- references
- https://github.com/telekom-security/tpotce
IOC Journey
medium · First detected 1 year ago · Last seen 4 months ago
Appeared in 25 threat reports