IPMediumSignal 30/100
212.56.53.33
Location
United StatesLos Angeles, California
ASN
AS4213
VPN Consumer Los Angeles, United States
First Seen
Apr 25, 2025
Last Seen
Jun 5, 2026
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
30%
Signal Score
30 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionLos Angeles, California
ASNAS4213
OrganizationVPN Consumer Los Angeles, United States
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
12 reports30% confidence
12
Source reports
30%
Confidence score
Category tags
abuseactive scanactive scanningantispambad reputationbrute forcecredential accesscredential stuffingdarkforumseuropeexploitation activityexploited hostfinlandfranceftp brute forcegermanyhoneynet connecthttp brute forceidentity & access exploitationinformation technologyit infrastructurelateral movementlog4jlogin attemptmalwarenetworknetwork enumerationnetwork intrusionnetwork scanningnetwork securitynorth americapassword attackpolandprotocol exploitationproxyreconnaissanceremote accessremote servicesresearchedscannerscanning activitysmb brute forcesmtp brute forcesoftware developmentspamssh attackt1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1046t1059t1059.001t1059.003t1059.004t1068t1076t1078t1110t1110.001t1110.002t1563t1592t1595t1595.001t1595.002t1595.003tcp scantelnet threatudp scanunauthorized access attemptunited kingdomunited statesusvpn
Activity Timeline
Jun 5Jun 5
Threat Activity Heatmap
· Peak: 2026-06-05LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
30
SIGNAL
Signal Score
30%
Confidence
12
Reports
First seenApr 25, 2025
Last seenJun 5, 2026
GeolocationUS
CountryUnited States
LocationLos Angeles, California
ASNAS4213
OrgVPN Consumer Los Angeles, United States
Coords51.4964, -0.1224
ProxyVPN
VirusTotal
Not checked
WHOIS
- raw
- NetRange: 212.0.0.0 - 212.255.255.255 CIDR: 212.0.0.0/8 NetName: RIPE-NCC-212 NetHandle: NET-212-0-0-0-1 Parent: () NetType: Allocated to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 1997-11-14 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/212.0.0.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 9 days ago
Appeared in 12 threat reports