IOC Radar
IPMediumSignal 35/100

216.115.134.32

Location
United StatesUnited States
Prairieville, LA
ASN
AS5009
DHCP Pool FTTH/DSL
First Seen
Dec 24, 2024
Last Seen
Apr 5, 2026
Dec 24
First Seen
537d ago
Apr 5
Last Seen
70d ago
17
Reports
source reports
35%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
35%
Signal Score
35 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

35 techniques

Network Information

CountryUSUnited States
RegionPrairieville, LA
ASNAS5009
OrganizationDHCP Pool FTTH/DSL

Feed Intelligence Summary

17 reports35% confidence
17
Source reports
35%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiaattackauto-generated securitybad reputationbotnetbotnet activitybrute forcebrute force attackcommand and controlcommunication protocolcredential accesscredential harvestingcredential stuffingctadata exfiltrationdata store exposureddosddos attacksdecoy systemdenial of servicedistributed attacksexploitation activityftpftp brute forcehttp brute forceidentity & access exploitationindicatorinitial accessinjection activityinternet of thingsiot botnetiot securityiot/ics attackkazakhstankaznetmalicious activitymalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork traffic analysisnorth americapassword attacksphishingphishing attackpossible botnet activitypossible reconnaissance activityprocess injectionreconnaissanceremote accessremote servicesresearchedscannersecurity policysmtp brute forcesocial engineeringssh attackt1018t1021t1021.001t1040t1046t1053t1055t1059t1059.004t1071.001t1076t1083t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.002t1499.003t1563t1565t1566t1566.001t1566.002t1566.003t1583t1583.001t1583.002t1595t1595.001t1595.002t1595.003tcp protocoltelecommunicationsthreat actorthreat intelligencethreat preventiontor nodeunauthorized access attemptunited statesvulnerability scan

Activity Timeline

1 total obs
Apr 5Apr 5

Threat Activity Heatmap

· Peak: 2026-04-05
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
35
SIGNAL
Signal Score
35%
Confidence
17
Reports
First seenDec 24, 2024
Last seenApr 5, 2026
GeolocationUS
CountryUnited States
LocationPrairieville, LA
ASNAS5009
OrgDHCP Pool FTTH/DSL
Coords30.2459, -90.9158

VirusTotal

Not checked

WHOIS

description
Information from proprietary sensors in the KazNET
raw
NetRange: 216.115.128.0 - 216.115.159.255 CIDR: 216.115.128.0/19 NetName: NET-216-115-128-0-1 NetHandle: NET-216-115-128-0-1 Parent: NET216 (NET-216-0-0-0-0) NetType: Direct Allocation OriginAS: AS5009 Organization: REV (ADTL) RegDate: 1998-11-12 Updated: 2012-03-02 Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE Ref: https://rdap.arin.net/registry/ip/216.115.128.0 OrgName: REV OrgId: ADTL Address: 913 S. Burnside City: Gonzales StateProv: LA PostalCode: 70737 Country: US RegDate: 1995-03-15 Updated: 2025-01-24 Ref: https://rdap.arin.net/registry/entity/ADTL ReferralServer: rwhois://rwhois.eatel.net:4321 OrgAbuseHandle: ABUSE9234-ARIN OrgAbuseName: ABUSE OrgAbusePhone: +1-225-743-7125 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE9234-ARIN OrgTechHandle: IA13-ARIN OrgTechName: IP Administrator OrgTechPhone: +1-225-743-7125 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/IA13-ARIN RTechHandle: IA13-ARIN RTechName: IP Administrator RTechPhone: +1-225-743-7125 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/IA13-ARIN RNOCHandle: IA13-ARIN RNOCName: IP Administrator RNOCPhone: +1-225-743-7125 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/IA13-ARIN RAbuseHandle: ABUSE525-ARIN RAbuseName: Abuse RAbusePhone: +1-225-743-7276 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE525-ARIN
references
https://threats.kz

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 17 threat reports