IPMediumSignal 64/100
130.131.55.228
Location
United StatesChicago, Illinois
ASN
AS8075
Microsoft Azure Cloud (northcentralus)
First Seen
Apr 8, 2026
Last Seen
May 24, 2026
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
64%
Signal Score
64 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionChicago, Illinois
ASNAS8075
OrganizationMicrosoft Azure Cloud (northcentralus)
Feed Intelligence Summary
6 reports64% confidence
6
Source reports
64%
Confidence score
Category tags
active scanactive scanningafricaargentinaasiaaustraliaaustriaauto-blockedazerbaijanbad reputationbad web botbangladeshbelgiumbotnet activitybrazilbrute forcebrute force attackcanadachinacloud computingcloud infrastructurecloud migrationcloud securitycloud storagecredential accesscredential stuffingdata store exposureddosddos attackdenial of serviceencryptioneuropeeurope/asiaexploitation activityfinlandfrancegermanyhackinghong kongidentity & access exploitationindiaindicatorindonesiaip-onlyirelandisraelitalyjapankenyakorea, republic ofkyrgyzstanlithuaniamalwaremexicomongoliamoroccomulti-cloud managementnepalnetherlandsnetworknew zealandnorth americanorwayoceaniapassword attacksphilippinespolandreconnaissanceresearchedromaniarussiarussian federationscannerserbiasingaporesouth africasouth americassh attackssl-enrichmentswedent1071.001t1105t1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1573.002t1595.001t1595.002t1595.003taiwanthreat-inteltor nodeukraineunited arab emiratesunited kingdomunited statesusvenezuela, bolivarian republic ofviet namvietnamweb app attackweb application attackweb exploitation
Activity Timeline
May 24May 24
Threat Activity Heatmap
· Peak: 2026-05-24LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
64
SIGNAL
Signal Score
64%
Confidence
6
Reports
First seenApr 8, 2026
Last seenMay 24, 2026
GeolocationUS
CountryUnited States
LocationChicago, Illinois
ASNAS8075
OrgMicrosoft Azure Cloud (northcentralus)
Coords37.7510, -97.8220
VirusTotal
Not checked
WHOIS
- description
- AbuseIPDB 52% | US | Microsoft Limited
- raw
- NetRange: 130.131.0.0 - 130.131.255.255 CIDR: 130.131.0.0/16 NetName: RIPE NetHandle: NET-130-131-0-0-1 Parent: NET130 (NET-130-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2023-09-07 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/130.131.0.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
- references
- https://analytics.dugganusa.com/api/v1/stix-feed/v2, https://www.abuseipdb.com
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 18 days ago
Appeared in 6 threat reports