IOC Radar
IP · Medium · Signal 46/100

181.215.65.165

Location
United States
Chicago, Illinois
ASN
AS212238
Private Customer
First Seen
May 26, 2025 (397d ago)
Last Seen
May 29, 2026 (30d ago)
Reports
7 source reports
Confidence
46% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

Country: United States (US)
Region: Chicago, Illinois
ASN: AS212238
Organization: Private Customer

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

Source reports: 7
Confidence score: 46%
Category tags
abuse, access control, active scan, active scanning, antispam, bad reputation, bad web bot, botnet activity, brute force, brute force attack, brute-force, credential access, credential stuffing, ddos, denial of service, exploitation activity, exploited host, hacking, identity & access exploitation, indicator, it infrastructure, log4j, network, north america, password attacks, proxy, reconnaissance, researched, scanner, security policy, software development, spam, ssh, ssh attack, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1499.001, t1595.001, t1595.002, t1595.003, threat prevention, united states, us, vpn, web app attack, web application attack, web exploitation

Activity Timeline

1 total obs
May 29

Threat Activity Heatmap

Peak: 2026-05-29
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 46
Confidence: 46%
Reports: 7
First seen: May 26, 2025
Last seen: May 29, 2026
Geolocation: US
Country: United States
Location: Chicago, Illinois
ASN: AS212238
Org: Private Customer
Coords: 43.3628, -86.1648
Proxy: VPN

VirusTotal

Not checked

WHOIS

raw
NetRange: 181.0.0.0 - 181.255.255.255
CIDR: 181.0.0.0/8
NetName: LACNIC-181
NetHandle: NET-181-0-0-0-0
Parent: ()
NetType: Allocated to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 1993-05-01
Updated: 2010-07-21
Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details,
Comment: or check the WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/181.0.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net

OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois

OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN

OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 7 threat reports