IOC Radar
IP · Medium · Signal 13/100

216.120.203.26

Location: Denver, Colorado, United States
ASN: AS395092 (Shock Hosting LLC)
First Seen: Jan 31, 2022 (1591d ago)
Last Seen: Jun 10, 2026 (yesterday)
Reports: 8 source reports
Confidence: 13% (medium)
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 13%
Signal Score: 13 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 44 techniques

Network Information

Country: US (United States)
Region: Denver, Colorado
ASN: AS395092
Organization: Shock Hosting LLC

Feed Intelligence Summary

8 source reports, 13% confidence score
Category tags
abuse, access control, alienvault_ransomware, apt, automotive manufacturing, bad reputation, botnet, brute force, brute_force, building construction, byovd, c2, castletap, civil services, command and control, command execution, communication protocol, compromised device, compromised host, compromised system, concept, construction materials, construction safety, construction technology, credential access, credential stuffing, credential_access, crystal eye, data encryption, data exfiltration, data theft, ddos attacks, decoy system, defense evasion, distributed attacks, downloader, driver exploitation, edr bypass, edr disable, egregor, electronics manufacturing, europe/asia, extortion, fortios, ftp, golden chickens, government technology, hashes file, hostkey, impact, indicator, industrial automation, industrial iot, industrial production, information technology, internet of things, intrusion detection, iot botnet, iot/ics attack, it infrastructure, kernel driver, lateral movement, list, log, malicious powershell activity, malicious software, malware, manufacturing technology, mirai botnet, mora_001, network, network attacks, network security, network traffic, network_reconnaissance, north america, phantom mantis, phase, privilege escalation, process injection, process manufacturing, prodaft, protocol exploitation, psexec, public administration, public infrastructure, public policy, qilin, qilin ransomware, quality control, raas, ransomware, red piranha, regulatory agencies, remote, remote access, remote services, reptile, researched, russia, scan, scanner, scripting attacks, security policy, service, shock hosting, software development, ssh attack, supply chain management, system disruption, t1003, t1021, t1021.001, t1027, t1040, t1049, t1053, t1055, t1059, t1059.001, t1068, t1070, t1071, t1071.001, t1076, t1078, t1086, t1087, t1105, t1110, t1110.002, t1133, t1134, t1190, t1204, t1204.002, t1486, t1490, t1496, t1497, t1499.001, t1499.002, t1499.003, t1529, t1547, t1547.001, t1562, t1562.001, t1562.002, t1563, t1565, t1566, t1595, t1622, tactics, tcp protocol, tdir, tech, telnet threat, temp, threat intelligence, threat prevention, tpwsav.sys, ttps, unc3886, united states, veeam backup, vmware, vmware esxi, vpn compromise, zero

Activity Timeline

1 total obs (Jun 10 to Jun 10)

Threat Activity Heatmap

[Heatmap: activity by weekday over the months Jun through Jun, shaded on a Less to More scale]

24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 13
Confidence: 13%
Reports: 8
First seen: Jan 31, 2022
Last seen: Jun 10, 2026
Geolocation: US
Country: United States
Location: Denver, Colorado
ASN: AS395092
Org: Shock Hosting LLC
Coords: 39.7392, -104.9900

VirusTotal

Not checked

WHOIS

description
CC=US ASN=AS395092 shock hosting llc

IOC Journey

medium
First detected 4 years ago · Last seen 1 day ago
Appeared in 8 threat reports