IOC Radar
IP · Medium · Signal 100/100

104.234.115.76

Location: Port Edwards, Wisconsin, United States
First Seen: Nov 7, 2024 (592d ago)
Last Seen: Jun 18, 2026 (4d ago)
Source reports: 28
Confidence: 99% (medium)
Found in 28 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 49 techniques

Network Information

Country: United States (US)
Region: Port Edwards, Wisconsin
Organization: CyberOneData LLC

IP Category

Proxy: Proxy server

Feed Intelligence Summary

Source reports: 28
Confidence score: 99%
Category tags: abuse, access control, active scan, active scanning, adbhoney activity, adbhoney honeypot, asia, attack, authentication attacks, auto-generated security, bad reputation, bad web bot, banking, bening, bening scanner, blacklist candidate, blacklist ip, block list, botnet, botnet activity, brute force, brute force attack, brute force attacks, brute force attempt, brute force attempts, brute_force, c2 communication, c2 server, canada, china mobile, cisco attack, cisco device, cisco device targeting, cisco exploit attempts, cisco_exploit, columns, command & control, command and control, communication protocol, company limited, compromised host, compromised hosts, cowrie activity, cowrie honeypot, cowrie_attack, credential access, credential harvesting, credential stuffing, credential_access, credit card services, cta, data encryption, data exfiltration, data store exposure, data theft, database attack, database security, ddos, ddos attack, ddos attacks, decoy system, denial of service, device management, dionaea activity, dionaea capture, dionaea honeypot, distributed attacks, elasticpot data, elasticpot honeypot, elasticsearch monitoring, encryption, enterprise networking, enumeration, exploit, exploitation activity, exploited host, finance, financial services, financial technology, ftp, ftp brute force, hacking, heralding activity, heralding behavior, hk abusehandler, honeytrap honeypot, hong kong, http scanner, http scanning, identity & access exploitation, imap, imap attack, indicator, infrastructure acquisitionreconnaissance, initial access, initial_access, injection activity, internet of things, intrusion detection, ioc, iot botnet, iot security, iot/ics attack, lamp, lamp attack, lamp exploit attempts, lamp stack targeting, lamp_exploit, lateral movement, malicious activity, malicious network activity, malicious scan, malicious software, malware, malware behaviour, malware capture, malware distribution, manual, mirai botnet, network, network attacks, network discovery, network infrastructure, network intrusion, network intrusion attempts, network probing, network protocol, network reconnaissance, network scanning, network security, network traffic analysis, nokia_deepfield-benign, north america, password attacks, payment processing, pgp sign, phishing, phishing attack, process injection, protocol exploitation, proxy, proxy protocol, reconnaissance, reconnaissance activity, researched, resource hijacking, sans, scan, scanner, scanning activity, scripting attacks, security operations, security policy, sentrypeer activity, sentrypeer botnet, sentrypeer detection, service probing, sftp activity, sftp attack, sftp_attack, sip attacks, sip brute force, sip scanning, sip_attack, smtp, smtp scanning, social engineering, spam, ssh attack, ssh monitoring, ssh_bruteforce, t1016, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.001, t1059.004, t1059.007, t1071, t1071.001, t1077, t1078, t1078.001, t1078.004, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1573, t1573.001, t1587.001, t1589, t1590.001, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner activity, targeting database, tcp protocol, telecommunications, telnet threat, threat actor, threat detection, threat feed, threat intelligence, threat prevention, tor node, tpotce, unauthorized access, united states, united states of america, us, us abuse, us none, verified-benign, voip, voip attack, vulnerability scan, wealth management, web application attack, web attack, web exploitation, web scanner, web traffic

Activity Timeline

1 total obs (Jun 18)

Threat Activity Heatmap

Peak: 2026-06-18
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk (Signal Score 100)
Geolocation: US
Coords: 44.3426, -89.8597

VirusTotal

Not checked

WHOIS

description:
Data Sources:
https://feeds.dshield.org/feeds/topips.txt
https://feeds.dshield.org/feeds/top10.txt
https://feeds.dshield.org/feeds/block.txt
https://feeds.dshield.org/feeds/daily_sources
THIS IS NOT A BLOCKLIST! DATA IS UNFILTERED AND CONTAINS FALSE POSITIVES.

raw:
Velcom VELCOM-16 (NET-104-234-0-0-1) 104.234.0.0 - 104.234.255.255
IPXO LLC 104-234-0-0-17 (NET-104-234-0-0-2) 104.234.0.0 - 104.234.127.255
Internet Utilities NA LLC NETUTILS (NET-104-234-0-0-3) 104.234.0.0 - 104.234.127.255
CyberOneData LLC NET-104-234-115-0-24 (NET-104-234-115-0-1) 104.234.115.0 - 104.234.115.255

IOC Journey

medium
First detected 1 year ago · Last seen 4 days ago
Appeared in 28 threat reports