IOC Radar
IPLowSignal 48/100

129.82.138.31

Location
United StatesUnited States
Fort Collins, Colorado
ASN
AS12145
Colorado State University
First Seen
Feb 26, 2021
Last Seen
Jun 7, 2026
Feb 26
First Seen
1942d ago
Jun 7
Last Seen
16d ago
8
Reports
source reports
48%
Confidence
low
0/91
VirusTotal
detections
Found in 8 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

74 techniques

Network Information

CountryUSUnited States
RegionFort Collins, Colorado
ASNAS12145
OrganizationColorado State University

IP Category

Proxy
Proxy server

Feed Intelligence Summary

8 reports48% confidence
8
Source reports
48%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney honeypotagentalertattackaustraliabad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptsbrute-forcec2 communicationcins activecode executioncommand & controlcommand and controlcommand executioncommand injectioncommand injection attemptcommunication protocolconpot honeypotcontainer securitycowrie honeypotcowrie interactionscowrie ssh attackcowrie ssh attackscredential accesscredential attackcredential brute-forcingcredential stuffingcurldata encryptiondata exfiltrationdata store exposuredatabase attackdatabase attacksdatabase login attemptdatabase securitydcerpcddosddos attackddos probeddospotdecoy systemdenial of servicedionaea activitydionaea attacksdionaea honeypotdionaea interactionsdionaea malware samplesdirectory traversal attemptdistributed attacksdnsdns attackdockerdshield blockelasticpot honeypotelasticsearchelasticsearch monitoringencryptionenumerationet dropexfiltrationexploitexploit attemptexploit attemptsexploit kit activityexploit probingexploit targetingexploitation activityexploitation attemptexploitation of vulnerabilityexploited hostextortionfailed login attemptsfattfatt analysisfatt signaturesfileftpftp attackftp attacksftp brute forceftp brute-forcegalahgluttongopothackinghellpothoneytrap activityhoneytrap eventshoneytrap exploit attemptshoneytrap honeypothoneytrap interactionshttp attackhttp brute forcehttp probinghttp scannerhttp scanninghttpsicmpics securityidentity & access exploitationimapinbound scanindicatorindustrial control systemsinformation gatheringinitial accessinjection activityinjection attacksinternet-facingintrusion detectioniot securityiot/ics attackipphoney honeypotkibanalateral movementlisted sourcelog4potmailoney activitymailoney attacksmailoney honeypotmailoney interactionsmalicious activitymalicious file transfermalicious network activitymalicious softwaremalwaremalware activitymalware analysismalware behaviourmalware capturemalware deliverymalware downloadmalware propagationmanualmedpotmssqlnetworknetwork attacksnetwork discoverynetwork intrusion attemptnetwork intrusion attemptsnetwork intrusion detectionnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnorth americaoceaniap0fp0f fingerprintingp0f network fingerprintingp0f os fingerprintingp0f passive fingerprintingp0f signaturespassword attackspassword sprayingphishingphishing attackphishing trappingpoor reputationportprivilege escalationprocess injectionprotoprotocol exploitationproxyproxy accessransomwarercereconnaissanceredis honeypotremote accessremote code executionremote servicesresearchedresource hijackingscannerscanning activityscripting attackssecurity operationssensor-taggedsentrypeer activitysentrypeer botnetsentrypeer eventssentrypeer interactionsserver exploitationservice scanshell accessshell access attemptsip attackssippsmtpsmtp attackssmtp brute forcesmtp probingsmtp scanningsnaresoftware exploitationsql injectionsql injection attemptsshssh attackssh attacksssh monitoringsuricata alertsuricata alertssyn scansystem disruptiont1005t1016t1018t1020t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1021.006t1027t1040t1046t1053t1055t1059t1059.003t1059.004t1059.007t1068t1071t1071.001t1076t1077t1078t1078.001t1078.002t1078.004t1083t1087t1087.001t1087.002t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1189t1190t1195t1203t1204t1204.002t1486t1490t1496t1499.001t1499.002t1499.003t1505t1505.002t1550t1550.002t1550.003t1555t1555.003t1562t1563t1565t1566t1566.001t1572t1583t1588t1588.002t1588.006t1592t1595t1595.001t1595.002t1595.003tannertanner activitytanner exploitstanner interactionstargeting databasetcp protocoltcp scantelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat intelligence feedtor nodetpotudp scanunauthorized accessunauthorized login attemptunited statesusvnc protocolvoipvoip attackvulnerability scanweb app attackweb application attackweb application attacksweb application scanweb attackweb exploitationweb login attemptweb shellweb shell attemptweb shell detectionweb shell uploadweb trafficwgetwordpot

Activity Timeline

1 total obs
Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
48
SIGNAL
Signal Score
48%
Confidence
8
Reports
First seenFeb 26, 2021
Last seenJun 7, 2026
GeolocationUS
CountryUnited States
LocationFort Collins, Colorado
ASNAS12145
OrgColorado State University
Coords40.5377, -105.0546
Proxy

VirusTotal

0/ 91vendors flagged
0% detection rateJun 8, 2026

WHOIS

description
Observed making inbound scans on 2026-05-22 13:32:34
raw
NetRange: 129.82.0.0 - 129.82.255.255 CIDR: 129.82.0.0/16 NetName: CSUNET NetHandle: NET-129-82-0-0-1 Parent: NET129 (NET-129-0-0-0-0) NetType: Direct Allocation OriginAS: AS12145 Organization: Colorado State University (CSU-2-Z) RegDate: 1987-10-11 Updated: 2023-07-17 Ref: https://rdap.arin.net/registry/ip/129.82.0.0 OrgName: Colorado State University OrgId: CSU-2-Z Address: Academic Computing and Networking Services Address: Colorado State University Address: 1018 Campus Delivery City: Fort Collins StateProv: CO PostalCode: 80523 Country: US RegDate: 2023-01-16 Updated: 2024-02-07 Ref: https://rdap.arin.net/registry/entity/CSU-2-Z OrgTechHandle: DNSAD191-ARIN OrgTechName: DNS Administrator OrgTechPhone: +1-970-491-5600 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/DNSAD191-ARIN OrgRoutingHandle: HERNA1265-ARIN OrgRoutingName: Hernandez, John OrgRoutingPhone: +1-303-497-1280 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/HERNA1265-ARIN OrgAbuseHandle: DNSAD191-ARIN OrgAbuseName: DNS Administrator OrgAbusePhone: +1-970-491-5600 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DNSAD191-ARIN OrgRoutingHandle: ADLER49-ARIN OrgRoutingName: Adler, Matt OrgRoutingPhone: +1-303-497-1279 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/ADLER49-ARIN OrgRoutingHandle: HSIAA-ARIN OrgRoutingName: Hsia, Alex OrgRoutingPhone: +1-303-497-1798 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/HSIAA-ARIN RNOCHandle: DNSAD191-ARIN RNOCName: DNS Administrator RNOCPhone: +1-970-491-5600 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/DNSAD191-ARIN RAbuseHandle: DNSAD191-ARIN RAbuseName: DNS Administrator RAbusePhone: +1-970-491-5600 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/DNSAD191-ARIN RTechHandle: DNSAD191-ARIN RTechName: DNS Administrator RTechPhone: +1-970-491-5600 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/DNSAD191-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

low
First detected 5 years ago · Last seen 16 days ago
Appeared in 8 threat reports