IOC Radar
IP · Medium · Signal 52/100

173.255.228.202

Location: Cedar Knolls, New Jersey, United States
ASN: AS63949 (Linode)
First Seen: Dec 13, 2024
Last Seen: Apr 28, 2026
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 52%
Signal Score: 52 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

39 techniques

Network Information

Country: United States (US)
Region: Cedar Knolls, New Jersey
ASN: AS63949
Organization: Linode

Feed Intelligence Summary

16 source reports · 52% confidence score
Category tags

Activity Timeline

1 total observation (Apr 28)

Threat Activity Heatmap

Peak: 2026-04-28
[Heatmap: daily activity by weekday, June through June]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 52
Confidence: 52%
Reports: 16
First seen: Dec 13, 2024
Last seen: Apr 28, 2026
Geolocation: US
Country: United States
Location: Cedar Knolls, New Jersey
ASN: AS63949
Org: Linode
Coords: 40.8229, -74.4592

VirusTotal

Not checked

WHOIS

Akamai Technologies, Inc. LINODE-US (NET-173-255-192-0-1) 173.255.192.0 - 173.255.255.255
Linode LINODE (NET-173-255-192-0-2) 173.255.192.0 - 173.255.255.255

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 16 threat reports