IP · Medium · Signal 85/100
209.74.87.100
Location: Los Angeles, Georgia
ASN: AS22612 (Namecheap, Inc.)
First Seen: Feb 24, 2026
Last Seen: Jun 2, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 85%
Signal Score: 85 / 100
IDS Rule: No
Network Information
Country: United States
Region: Los Angeles, Georgia
ASN: AS22612
Organization: Namecheap, Inc.
Feed Intelligence Summary
Source reports: 9
Confidence score: 85%
Activity Timeline
Jun 2
Threat Activity Heatmap (peak: 2026-06-02)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 85 (High Risk)
Coords: 33.7488, -84.3875
VirusTotal: Not checked
WHOIS
- description
  CC=US ASN=ASNone
- raw
  NetRange: 209.74.64.0 - 209.74.95.255
  CIDR: 209.74.64.0/19
  NetName: NAMEC-4
  NetHandle: NET-209-74-64-0-1
  Parent: NET209 (NET-209-0-0-0-0)
  NetType: Direct Allocation
  OriginAS:
  Organization: Namecheap, Inc. (NAMEC-4)
  RegDate: 2023-10-26
  Updated: 2024-09-18
  Comment: Geofeed https://geofeed.web-hosting.com/geofeed.csv
  Ref: https://rdap.arin.net/registry/ip/209.74.64.0

  OrgName: Namecheap, Inc.
  OrgId: NAMEC-4
  Address: 11400 W. Olympic Blvd. Suite 200
  City: Los Angeles
  StateProv: CA
  PostalCode: 90064
  Country: US
  RegDate: 2011-01-28
  Updated: 2024-11-25
  Ref: https://rdap.arin.net/registry/entity/NAMEC-4

  ReferralServer: rwhois://whois.namecheaphosting.com:4321

  OrgTechHandle: EFIME-ARIN
  OrgTechName: Efimenko, Igor
  OrgTechPhone: +1-323-375-2822
  OrgTechEmail: [email protected]
  OrgTechRef: https://rdap.arin.net/registry/entity/EFIME-ARIN

  OrgAbuseHandle: ABUSE2885-ARIN
  OrgAbuseName: Abuse team
  OrgAbusePhone: +1-323-375-2822
  OrgAbuseEmail: [email protected]
  OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE2885-ARIN

  OrgTechHandle: TECHT4-ARIN
  OrgTechName: Tech team
  OrgTechPhone: +1-323-375-2822
  OrgTechEmail: [email protected]
  OrgTechRef: https://rdap.arin.net/registry/entity/TECHT4-ARIN
IOC Journey
Medium · First detected 3 months ago · Last seen 11 days ago
Appeared in 9 threat reports