IPMediumSignal 34/100
198.217.252.202
Location
United StatesMentor, Ohio
ASN
AS399634
Cardinal Commerce Corporation
First Seen
Dec 23, 2025
Last Seen
Dec 23, 2025
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
34%
Signal Score
34 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionMentor, Ohio
ASNAS399634
OrganizationCardinal Commerce Corporation
Feed Intelligence Summary
2 reports34% confidence
2
Source reports
34%
Confidence score
Category tags
active scanactive scanningbrute forcebrute force attackcredential accesscredential stuffingidentity & access exploitationindicatornetworknorth americapassword attacksreconnaissanceresearchedscannert1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003united statesus
Activity Timeline
Dec 23Dec 23
Threat Activity Heatmap
· Peak: 2025-12-23LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated
The IP address 198.217.252.202 represents a significant indicator of potential compromise due to its confirmed involvement in reconnaissance, active scanning, and brute-force activities. With a score exceeding 33 and a 'No' whitelist status, this IOC suggests an active threat actor or automated bot attempting to gain unauthorized access or discover vulnerabilities within our network perimeter. If left unaddressed, such activities could culminate in credential compromise, system exploitation, lat…
Threat ScoreLow Risk
34
SIGNAL
Signal Score
34%
Confidence
2
Reports
First seenDec 23, 2025
Last seenDec 23, 2025
GeolocationUS
CountryUnited States
LocationMentor, Ohio
ASNAS399634
OrgCardinal Commerce Corporation
Coords41.6807, -81.3521
VirusTotal
Not checked
WHOIS
- raw
- NetRange: 198.217.252.0 - 198.217.253.255 CIDR: 198.217.252.0/23 NetName: CCC-348 NetHandle: NET-198-217-252-0-1 Parent: NET198 (NET-198-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Cardinal Commerce Corporation (CCC-348) RegDate: 2021-03-31 Updated: 2023-02-07 Ref: https://rdap.arin.net/registry/ip/198.217.252.0 OrgName: Cardinal Commerce Corporation OrgId: CCC-348 Address: 8100 Tyler Blvd #100 City: Mentor StateProv: OH PostalCode: 44060 Country: US RegDate: 2002-08-28 Updated: 2023-03-01 Ref: https://rdap.arin.net/registry/entity/CCC-348 OrgNOCHandle: NORWA1-ARIN OrgNOCName: Norwalk, Mike OrgNOCPhone: +1-440-352-8444 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NORWA1-ARIN OrgTechHandle: NETWO9836-ARIN OrgTechName: Network Engineering OrgTechPhone: +1-440-352-8444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NETWO9836-ARIN OrgDNSHandle: SMJ7-ARIN OrgDNSName: Schick, John Michael OrgDNSPhone: +1-440-352-8444 OrgDNSEmail: [email protected] OrgDNSRef: https://rdap.arin.net/registry/entity/SMJ7-ARIN OrgRoutingHandle: SMJ7-ARIN OrgRoutingName: Schick, John Michael OrgRoutingPhone: +1-440-352-8444 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/SMJ7-ARIN OrgNOCHandle: SMJ7-ARIN OrgNOCName: Schick, John Michael OrgNOCPhone: +1-440-352-8444 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/SMJ7-ARIN OrgAbuseHandle: NORWA1-ARIN OrgAbuseName: Norwalk, Mike OrgAbusePhone: +1-440-352-8444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/NORWA1-ARIN OrgAbuseHandle: SMJ7-ARIN OrgAbuseName: Schick, John Michael OrgAbusePhone: +1-440-352-8444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/SMJ7-ARIN OrgDNSHandle: NORWA1-ARIN OrgDNSName: Norwalk, Mike OrgDNSPhone: +1-440-352-8444 OrgDNSEmail: [email protected] OrgDNSRef: https://rdap.arin.net/registry/entity/NORWA1-ARIN OrgRoutingHandle: NORWA1-ARIN OrgRoutingName: Norwalk, Mike OrgRoutingPhone: +1-440-352-8444 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/NORWA1-ARIN OrgTechHandle: SMJ7-ARIN OrgTechName: Schick, John Michael OrgTechPhone: +1-440-352-8444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/SMJ7-ARIN OrgDNSHandle: NETWO9836-ARIN OrgDNSName: Network Engineering OrgDNSPhone: +1-440-352-8444 OrgDNSEmail: [email protected] OrgDNSRef: https://rdap.arin.net/registry/entity/NETWO9836-ARIN OrgTechHandle: NORWA1-ARIN OrgTechName: Norwalk, Mike OrgTechPhone: +1-440-352-8444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NORWA1-ARIN OrgNOCHandle: NETWO9836-ARIN OrgNOCName: Network Engineering OrgNOCPhone: +1-440-352-8444 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO9836-ARIN OrgRoutingHandle: NETWO9836-ARIN OrgRoutingName: Network Engineering OrgRoutingPhone: +1-440-352-8444 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/NETWO9836-ARIN OrgAbuseHandle: NETWO9836-ARIN OrgAbuseName: Network Engineering OrgAbusePhone: +1-440-352-8444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/NETWO9836-ARIN
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 5 months ago · Last seen 5 months ago
Appeared in 2 threat reports