IOC Radar
IPMediumSignal 48/100

192.227.144.47

Location
United StatesUnited States
Buffalo, New York
ASN
AS36352
HostPapa
First Seen
Oct 19, 2022
Last Seen
Apr 23, 2026
Oct 19
First Seen
1340d ago
Apr 23
Last Seen
58d ago
21
Reports
source reports
48%
Confidence
medium
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

40 techniques

Network Information

CountryUSUnited States
RegionBuffalo, New York
ASNAS36352
OrganizationHostPapa

Feed Intelligence Summary

21 reports48% confidence
21
Source reports
48%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningaptattackaustraliaauthentication attackbad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptsbrute-forcec2 communicationcommand & controlcommand and controlcommand injectioncommunication protocolcompromised hostcowrie honeypotcredential accesscredential attackcredential harvestingcredential sprayingcredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdenial of servicedictionary attackdionaea honeypotdistributed attacksdnsdns attackencryptionexfiltrationexploitexploitation activityexploitation attemptexploited hostfattftphackinghoneytrap honeypothttp scannerhttpsidentity & access exploitationimapimap attackindicatorinitial accessinjection activityinjection attacksinternet-facingioclateral movementmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distributionnetworknetwork attacksnetwork intrusion attemptsnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnorth americaoceaniaopen port detectionp0fpassword attacksphishingphishing attackphishing trapping of deathpossible reconnaissancepotential intrusionpotential reconnaissance activityprocess injectionprotocol exploitationransomwarereconnaissanceremote accessremote servicesresearchedresource hijackingscannersecurity policysensor-taggedsentrypeer botnetservice scansmtpsocial engineeringsocradar honeypotssh attackssh monitoringsynt1021t1021.001t1021.002t1040t1046t1055t1056t1059t1059.003t1071t1071.001t1076t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1497t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1573t1573.001t1588t1595t1595.001t1595.002t1595.003tannertcp protocoltelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotunited statesusvoipvoip attackvulnerability scanweb traffic

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
48
SIGNAL
Signal Score
48%
Confidence
21
Reports
First seenOct 19, 2022
Last seenApr 23, 2026
GeolocationUS
CountryUnited States
LocationBuffalo, New York
ASNAS36352
OrgHostPapa
Coords42.8864, -78.8784

VirusTotal

Not checked

WHOIS

description
CC=US ASN=AS36352 colocrossing
raw
NetRange: 192.227.128.0 - 192.227.255.255 CIDR: 192.227.128.0/17 NetName: CC-12 NetHandle: NET-192-227-128-0-1 Parent: NET192 (NET-192-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: HostPapa (HOSTP-7) RegDate: 2013-01-29 Updated: 2024-02-02 Comment: Geofeed https://geofeeds.oniaas.io/geofeeds.csv Ref: https://rdap.arin.net/registry/ip/192.227.128.0 OrgName: HostPapa OrgId: HOSTP-7 Address: 325 Delaware Avenue Address: Suite 300 City: Buffalo StateProv: NY PostalCode: 14202 Country: US RegDate: 2016-06-06 Updated: 2024-04-26 Ref: https://rdap.arin.net/registry/entity/HOSTP-7 OrgAbuseHandle: NETAB23-ARIN OrgAbuseName: NETABUSE OrgAbusePhone: +1-905-315-3455 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/NETAB23-ARIN OrgTechHandle: NETTE9-ARIN OrgTechName: NETTECH OrgTechPhone: +1-905-315-3455 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NETTE9-ARIN RAbuseHandle: NETAB27-ARIN RAbuseName: NETABUSE-COLOCROSSING RAbusePhone: +1-800-518-9716 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/NETAB27-ARIN RTechHandle: NETTE11-ARIN RTechName: NETTECH-COLOCROSSING RTechPhone: +1-800-518-9716 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/NETTE11-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 1 month ago
Appeared in 21 threat reports