IOC Radar
IPMediumSignal 32/100

204.8.96.115

Location
United StatesUnited States
San Angelo, Texas
ASN
AS62744
Equinix Dallas
First Seen
Apr 15, 2024
Last Seen
Jun 5, 2026
Apr 15
First Seen
791d ago
Jun 5
Last Seen
10d ago
21
Reports
source reports
32%
Confidence
medium
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
32%
Signal Score
32 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

55 techniques

Network Information

CountryUSUnited States
RegionSan Angelo, Texas
ASNAS62744
OrganizationEquinix Dallas

IP Category

Proxy
Proxy server

Feed Intelligence Summary

21 reports32% confidence
21
Source reports
32%
Confidence score
Category tags
abuseaccess controlactive scanninganonymity network abuseantispamapplication layer protocolaptbad web botbotnetbrute forcebrute force attackc2 communicationcnccommand and controlcommunication protocolcompromised hostscredential accesscredential harvestingcredential stuffingdarkforumsdata exfiltrationddosddos preparationdenial of servicedirectory enumerationdistributed attacksexit nodeexploit attemptexploitation attemptsfirehol level1ftpftp brute forcehackinghttp scannerhttpsintrusion detectionlateral movementlog4jlogin attackmalicious domainmalicious softwaremalwaremalware distributionnetworknetwork attacksnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork trafficnorth americapassword attackpassword attacksphishing attackprocess injectionprotocol exploitationproxyproxy abusereconnaissanceresearchedrtbhscannerscanning activityscripting attackssecurity policyservice enumerationsocial engineeringspamspamhaus dropssh attackt1016t1018t1021t1040t1046t1053t1055t1059t1059.001t1059.003t1059.004t1059.007t1068t1071t1071.001t1071.002t1071.004t1078t1078.002t1090t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1199t1203t1204t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1572t1573t1573.001t1583t1588t1589t1589.002t1592t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencethreat preventiontortor activitytor exit nodetor exitstor networkunited statesunited states of americausvpn ipweb application attackweb application scanningweb attackweb exploitationweb scannerweb scannersweb spamweb traffic

Activity Timeline

1 total obs
Jun 5Jun 5

Threat Activity Heatmap

· Peak: 2026-06-05
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
32
SIGNAL
Signal Score
32%
Confidence
21
Reports
First seenApr 15, 2024
Last seenJun 5, 2026
GeolocationUS
CountryUnited States
LocationSan Angelo, Texas
ASNAS62744
OrgEquinix Dallas
Coords37.7510, -97.8220
Proxy

VirusTotal

Not checked

WHOIS

description
tor search result.
raw
NetRange: 204.8.96.0 - 204.8.99.255 CIDR: 204.8.96.0/22 NetName: QUINTEX96 NetHandle: NET-204-8-96-0-1 Parent: NET204 (NET-204-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Quintex Alliance Consulting (QAC-4) RegDate: 2022-12-19 Updated: 2022-12-19 Ref: https://rdap.arin.net/registry/ip/204.8.96.0 OrgName: Quintex Alliance Consulting OrgId: QAC-4 Address: 6730 Goodland Loop City: San Angelo StateProv: TX PostalCode: 76901 Country: US RegDate: 1994-06-03 Updated: 2022-01-04 Ref: https://rdap.arin.net/registry/entity/QAC-4 OrgNOCHandle: JR125-ARIN OrgNOCName: Ricketts, John L OrgNOCPhone: +1-325-304-1600 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/JR125-ARIN OrgDNSHandle: JR125-ARIN OrgDNSName: Ricketts, John L OrgDNSPhone: +1-325-304-1600 OrgDNSEmail: [email protected] OrgDNSRef: https://rdap.arin.net/registry/entity/JR125-ARIN OrgTechHandle: JR125-ARIN OrgTechName: Ricketts, John L OrgTechPhone: +1-325-304-1600 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/JR125-ARIN OrgAbuseHandle: JR125-ARIN OrgAbuseName: Ricketts, John L OrgAbusePhone: +1-325-304-1600 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/JR125-ARIN OrgRoutingHandle: JR125-ARIN OrgRoutingName: Ricketts, John L OrgRoutingPhone: +1-325-304-1600 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/JR125-ARIN
references
https://check.torproject.org/torbulkexitlist, https://list.rtbh.com.tr/output.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, Exit_Nodes.csv

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 10 days ago
Appeared in 21 threat reports