IOC Radar
IP · Medium · Signal 86/100

144.208.127.134

Location: United States (New York, Georgia)
ASN: AS395092 (Shock Hosting LLC)
First Seen: Dec 4, 2020 (2031d ago)
Last Seen: Jun 17, 2026 (10d ago)
Reports: 9 source reports
Confidence: 86% (medium)
Found in 9 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 86%
Signal Score: 86 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

3 techniques

Network Information

Country: US (United States)
Region: New York, Georgia
ASN: AS395092
Organization: Shock Hosting LLC

Feed Intelligence Summary

Source reports: 9
Confidence score: 86%
Category tags: access, active scan, active scanning, apt, asia, blast, cert, check point, europe/asia, ikev1, indicator, iocs, mobile access, network, north america, phishing, qilin, qilin linux, ransomware, reconnaissance, remote access, research, researched, scanner, socradar, t1595.001, t1595.002, t1595.003, taiwan, threat actor, turkey, united states, us, vpn remote

Activity Timeline

1 total obs
Jun 17

Threat Activity Heatmap

[Heatmap: activity by weekday, Jun through Jun of the following year]
Peak: 2026-06-17
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

The IP address 144.208.127.134 has been identified as a critical Indicator of Compromise (IOC) with a high-risk score of over 85, indicating its significant potential for malicious activity. This IOC is strongly associated with the Qilin ransomware group, a sophisticated threat actor known for its disruptive ransomware-as-a-service (RaaS) operations and impact across various sectors including healthcare, finance, and public administration. Its presence within an organizational environment could …

Threat Score: High Risk
Signal Score: 86
Confidence: 86%
Reports: 9
First seen: Dec 4, 2020
Last seen: Jun 17, 2026
Geolocation: US
Country: United States
Location: New York, Georgia
ASN: AS395092
Org: Shock Hosting LLC
Coords: 33.7490, -84.3880

VirusTotal

Not checked

WHOIS

Description: CC=US ASN=AS395092 shock hosting llc

Raw:
NetRange: 144.208.124.0 - 144.208.127.255
CIDR: 144.208.124.0/22
NetName: SH-335
NetHandle: NET-144-208-124-0-1
Parent: NET144 (NET-144-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Shock Hosting LLC (SH-335)
RegDate: 2016-05-18
Updated: 2021-12-10
Ref: https://rdap.arin.net/registry/ip/144.208.124.0

OrgName: Shock Hosting LLC
OrgId: SH-335
Address: 371 Hoes Lane, Suite 200
City: Piscataway
StateProv: NJ
PostalCode: 08854
Country: US
RegDate: 2014-11-21
Updated: 2020-09-26
Ref: https://rdap.arin.net/registry/entity/SH-335

OrgAbuseHandle: ABUSE4915-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-732-812-8024
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE4915-ARIN

OrgNOCHandle: NOC32119-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-732-812-8022
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32119-ARIN

OrgTechHandle: SUPPO1542-ARIN
OrgTechName: Support Department
OrgTechPhone: +1-732-812-8022
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/SUPPO1542-ARIN

IOC Journey

medium
First detected 5 years ago · Last seen 10 days ago
Appeared in 9 threat reports