IOC Radar
IP · Medium · Signal 61/100

104.234.53.18

Location: United States (New York, ON)
ASN: AS206092, ONTAR-40 (Velcom INC)
First Seen: Mar 16, 2023 (1197d ago)
Last Seen: Jun 6, 2026 (19d ago)
Reports: 17 source reports
Confidence: 61% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 61%
Signal Score: 61 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

16 techniques

Network Information

Country: US (United States)
Region: New York, ON
ASN: AS206092
Organization: ONTAR-40 (Velcom INC)

IP Category

VPN
VPN exit node

Feed Intelligence Summary

Source reports: 17
Confidence score: 61%
Category tags
abuse, access control, active scan, active scanning, aerospace & defense, apache, apache attacker, apt, attack, automotive manufacturing, bad reputation, bad web bot, botnet activity, brute force, brute force attack, brute-force, canada, civil services, credential access, credential harvesting, credential stuffing, cyber security, data exfiltration, data store exposure, database security, ddos, defense, defense contracting, defense logistics, defense systems, defense technology, denial of service, electronics manufacturing, exploitation activity, exploited host, government technology, hacking, identity & access exploitation, industrial automation, industrial iot, industrial production, information technology, injection activity, injection attacks, ioc, iot security, it infrastructure, malicious activity, malware, manufacturing technology, military operations, national security, network, nextray, north america, opencti, password attacks, phishing, phishing attack, process manufacturing, proxy, public administration, public infrastructure, public policy, quality control, reconnaissance, regulatory agencies, researched, scanner, security operations, security policy, social engineering, software development, sql injection, ssh, ssh attack, supply chain attack, supply chain management, t1059.003, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1499.001, t1499.002, t1566.001, t1566.002, t1566.003, t1595.001, t1595.002, t1595.003, targeting database, threat actor, threat intelligence, threat prevention, tor node, united states, us, vpn, web app attack, web application attack, web exploitation

Activity Timeline

1 total obs (timeline axis: Jun 6 to Jun 6)

Threat Activity Heatmap

Peak: 2026-06-06
[Heatmap: activity by day, rows Mon/Wed/Fri, months Jun through Jun, scale Less to More]

Activity by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 61
Confidence: 61%
Reports: 17
First seen: Mar 16, 2023
Last seen: Jun 6, 2026
Geolocation: US
Country: United States
Location: New York, ON
ASN: AS206092
Org: ONTAR-40 (Velcom INC)
Coords: 43.7692, -79.4949
VPN

VirusTotal

Not checked

WHOIS

raw
Velcom VELCOM-16 (NET-104-234-0-0-1) 104.234.0.0 - 104.234.255.255
IPXO LLC 104-234-0-0-17 (NET-104-234-0-0-2) 104.234.0.0 - 104.234.127.255
Internet Utilities NA LLC NETUTILS (NET-104-234-0-0-3) 104.234.0.0 - 104.234.127.255
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt


IOC Journey

medium
First detected 3 years ago · Last seen 19 days ago
Appeared in 17 threat reports