IPMediumSignal 45/100
19.22.52.23
Location
United StatesDearborn, Michigan
First Seen
Apr 9, 2026
Last Seen
Apr 14, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
45%
Signal Score
45 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionDearborn, Michigan
OrganizationFord Motor Company
Feed Intelligence Summary
3 reports45% confidence
3
Source reports
45%
Confidence score
Category tags
active scananalytics naasciiascii textattackbrute forcebusiness internet servicesbuttonchatclick-based attackclose logcode executioncode injectioncommand executioncontactcredential harvestingcredential stuffingcrlfcrlf linedefense evasionedit3iconerrorexecutable fileexploitation activityfindgartnergdlnameget fiosgtmw2vn2cqguest systemhtml documenthtml pagehtmldivelementidentity & access exploitationindicatorinjection activityiot securityjava sourcejsonlearnlf linelte networkmac osmalicious activitymalicious linksmalwaremetadata analysismitre attacknetworknetwork infonextnorth americaoverview zenboxphishingphishing attackphone servicespng imagepng multimediaprocesses extraprogramransomwarereactresearchedrgbarotateccwiconsaveiconshopshop verizonshortcutitemsitesmallsocial engineeringsocial media securityspansupportt1055t1055 processt1059t1071t1082t1095t1204.001t1204.002t1497t1518t1560t1562t1566.001t1566.002t1566.003t1574tag managerthreat actortitletor nodeunicode textunited statesupgradeuser executionutc amazonutc aw2761768utc aw685973utc bingutc dc685973utc dc9849921utc g12r1dx1lx7utc googleutf8 textverdictverizonverizon businessverizon business accountverizon business phoneverizon business planverizon business serviceverizon for businessvoicexiconzip archive
Activity Timeline
Apr 14Apr 14
Threat Activity Heatmap
· Peak: 2026-04-14LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
45
SIGNAL
Signal Score
45%
Confidence
3
Reports
First seenApr 9, 2026
Last seenApr 14, 2026
GeolocationUS
CountryUnited States
LocationDearborn, Michigan
OrgFord Motor Company
Coords37.7510, -97.8220
VirusTotal
Not checked
WHOIS
- description
- CC=US ASN=ASNone
- raw
- NetRange: 19.0.0.0 - 19.255.255.255 CIDR: 19.0.0.0/8 NetName: FINET NetHandle: NET-19-0-0-0-1 Parent: () NetType: Direct Allocation OriginAS: Organization: Ford Motor Company (FORDMO) RegDate: 1988-06-15 Updated: 2021-12-14 Ref: https://rdap.arin.net/registry/ip/19.0.0.0 OrgName: Ford Motor Company OrgId: FORDMO Address: P.O. Box 2053, RM E-1121 City: Dearborn StateProv: MI PostalCode: 48121-2053 Country: US RegDate: Updated: 2011-05-17 Ref: https://rdap.arin.net/registry/entity/FORDMO OrgNOCHandle: ZF4-ARIN OrgNOCName: DNS Administrator OrgNOCPhone: +1-313-390-3476 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/ZF4-ARIN OrgAbuseHandle: ZF4-ARIN OrgAbuseName: DNS Administrator OrgAbusePhone: +1-313-390-3476 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ZF4-ARIN OrgTechHandle: ZF4-ARIN OrgTechName: DNS Administrator OrgTechPhone: +1-313-390-3476 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/ZF4-ARIN RAbuseHandle: ZF4-ARIN RAbuseName: DNS Administrator RAbusePhone: +1-313-390-3476 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ZF4-ARIN RNOCHandle: ZF4-ARIN RNOCName: DNS Administrator RNOCPhone: +1-313-390-3476 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/ZF4-ARIN RTechHandle: ZF4-ARIN RTechName: DNS Administrator RTechPhone: +1-313-390-3476 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/ZF4-ARIN
- references
- https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO, https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737365&Signature=S%2B7RcHYjab1hbKlKwFfvUbDirFPJS1A2TJQ3bVIObMcON4PD9pRDvhMtYMCnEBrYsICi0UJCFW5eUDolL5Jlbngsc587kF36vvuhlkPprbkSOY1jOyDTpe3Qsb6jRFz3xwOfZc9S5QervoLnRKb%2FyGSyZE6ZK6TxzBrOPczPtZ7sLf9NfD6E%2B2gMRXaRjEqVwVITLG7YqCiiNuohFOuNlK3uNHFpIk53viKvBSAIqLtSklH9bHW4q1DX, https://www.verizon.com/business/, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737710&Signature=fbsokraSd7lsYmUfaTEl8Phs2K3hp7AtVmQU9axeEBcYmYbrrYrrfpP5lPEQaE%2Fh3%2BEP9Rn8mD8D1haqQVXCN0VVlxJ4sddjWmyC5USsgBsvUb0%2F72h1WHDS2KXHlteZWE%2Bauckabain9D5kX501AnqFY38s77OIqO6SMOkQ%2BvXiDSSRK%2FZhbfradBnei3ZLHsXGxkoshTyvB0%2BC%2F8SiUzdVsqSjik0Bn2r%2BIlLpDQK90GlZTD0N
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports