IOC Radar
IP · Medium · Signal 62/100

149.72.154.232

Location
United States
Denver, Colorado
ASN
AS11377
SendGrid, Inc.
First Seen
May 16, 2024 (768d ago)
Last Seen
Jun 11, 2026 (12d ago)
Reports
17 source reports
Confidence
62% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

43 techniques

Network Information

Country: United States (US)
Region: Denver, Colorado
ASN: AS11377
Organization: SendGrid, Inc.

Feed Intelligence Summary

Source reports: 17
Confidence score: 62%
Category tags
abuse, active scan, active scanning, apt, auto-generated security, bad reputation, blocklist_all, brute force, brute force attack, brute-force, civil services, communication protocol, credential access, credential harvesting, credential stuffing, credential theft, cryptocurrency, cryptocurrency threats, cryptojacking, cta, data exfiltration, data store exposed, ddos, ddos attack, denial of service, europe, exploitation activity, exploited host, finance, finland, france, fraud orders, ftp brute force, germany, government technology, hacking, honeynet connect, http brute force, http scanner, identity & access exploitation, indicator, injection activity, intrusion detection, lateral movement, login attempt, malicious ip, malicious software, malicious-domain, malicious-ip, malware, network, network enumeration, network intrusion, network scanning, network security, north america, opencti, password attack, password attacks, phishing, phishing attack, poland, process injection, protocol exploitation, public administration, public infrastructure, public policy, ransomware, reconnaissance, regulatory agencies, remote access, remote services, researched, resource hijacking, scams & fraud, scanner, scanning activity, smb brute force, smtp, smtp attacker, smtp brute force, social engineering, spam, spearphishing, ssh attack, t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1027, t1040, t1046, t1055, t1059, t1059.001, t1059.003, t1059.004, t1068, t1071.001, t1076, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1574.001, t1592, t1595, t1595.001, t1595.002, t1595.003, tcp scan, telnet threat, threat actor, threat intelligence, tor node, udp scan, unauthorized access attempt, united states, united states of america, us, web application attack, web exploitation, web spam, web traffic

Activity Timeline

1 total obs
Jun 11

Threat Activity Heatmap

Peak: 2026-06-11
[Heatmap: activity by weekday, Jun through the following Jun; legend: Less to More]

Activity by window
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 62
Confidence: 62%
Reports: 17
First seen: May 16, 2024
Last seen: Jun 11, 2026
Geolocation: US
Country: United States
Location: Denver, Colorado
ASN: AS11377
Org: SendGrid, Inc.
Coords: 37.7510, -97.8220

VirusTotal

Not checked

WHOIS

raw
NetRange: 149.72.0.0 - 149.72.255.255
CIDR: 149.72.0.0/16
NetName: SENDGRID-149-72-0-0-16
NetHandle: NET-149-72-0-0-1
Parent: NET149 (NET-149-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: SendGrid, Inc. (SENDG-12)
RegDate: 2017-09-05
Updated: 2023-04-18
Ref: https://rdap.arin.net/registry/ip/149.72.0.0

OrgName: SendGrid, Inc.
OrgId: SENDG-12
Address: Twilio, Inc.
Address: 1801 California Street
Address: Suite 500
City: Denver
StateProv: CO
PostalCode: 80202
Country: US
RegDate: 2012-06-14
Updated: 2025-06-12
Comment: http://www.sendgrid.com
Comment:
Comment: (888) 985-8363
Comment: Support hours: M-F, 7a-7p Mountain Time.
Ref: https://rdap.arin.net/registry/entity/SENDG-12

OrgAbuseHandle: ABUSE3074-ARIN
OrgAbuseName: Abuse Desk
OrgAbusePhone: +1-888-985-7363
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3074-ARIN

OrgTechHandle: TALSM-ARIN
OrgTechName: Talsma, Jack
OrgTechPhone: +1-415-390-2337
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/TALSM-ARIN

OrgTechHandle: TSNO-ARIN
OrgTechName: Twilio SendGrid Network Operations
OrgTechPhone: +1-888-985-7363
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/TSNO-ARIN

references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

IOC Journey

medium
First detected 2 years ago · Last seen 12 days ago
Appeared in 17 threat reports