IOC Radar
IPMediumSignal 97/100

216.131.75.53

Location
United StatesUnited States
Atlanta, Georgia
ASN
AS62651
Netprotect
First Seen
Sep 16, 2022
Last Seen
Jun 5, 2026
Sep 16
First Seen
1367d ago
Jun 5
Last Seen
9d ago
12
Reports
source reports
97%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
97%
Signal Score
97 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

57 techniques

Network Information

CountryUSUnited States
RegionAtlanta, Georgia
ASNAS62651
OrganizationNetprotect

IP Category

Proxy
Proxy server
Hosting
Hosting provider

Feed Intelligence Summary

12 reports97% confidence
12
Source reports
97%
Confidence score
Category tags
abuseaccount brute forceactive scanningalienvault_ransomwareattackauthentication attackauthentication bypassbad web botbotnetbrute forcebrute force attackbrute_forcecertcisacisa advisorycode executioncommand and controlcommand executioncommand injectioncommunication protocolcontactcredential accesscredential stuffingcredential_accesscybercyboxd brokerdbdata exfiltrationdb brokerdb accessdenial of servicedistributed attacksenumerationexfiltrationexploitation of pgpasswordfileobjftpftp brute forcegogogsbadmin credential compromisehashhasheshttp brute forcehttp scannerimapindicatoringress tool transferinitial accessinstallipv4ivanti connect secureivanti epmmivanti policy securelateral movementlocalmalicious activitymalicious downloadmalicious softwaremalwaremalware distributionmatrixnetworknetwork attacksnetwork intrusionnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork_reconnaissancenorth americaobjectpassword attackpassword attackspersistence mechanismspgpasswordpgsqlpwphishingprivilege escalationprocess injectionprotocol exploitationproxypsexecpythonrce vulnerabilityreconnaissanceredacted gsbremote accessremote code executionremote servicesresearchedscannersmallsmb scanningsmtpsmtp brute forcesoftware exploitationssh attackstixstrongsyn scant1003t1003.001t1018t1021t1021.001t1027t1027.003t1040t1046t1053.005t1055t1059t1059.004t1068t1071t1071.001t1076t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1140t1189t1190t1199t1203t1204.002t1210t1219t1486t1496t1499.001t1499.002t1499.003t1505t1505.003t1543.003t1547.001t1548t1550.002t1552t1555.003t1556t1563t1564t1565t1566t1589t1595t1595.001t1595.002t1595.003tcp protocoltcp scantcp scanningtelnet threatthreat actortitletoolsu gsbadminudp scanunited statesupgradeusweb application attackweb exploitationweb trafficwebshell deploymentzerozero-day vulnerability

Activity Timeline

1 total obs
Jun 5Jun 5

Threat Activity Heatmap

· Peak: 2026-06-05
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
97
SIGNAL
Signal Score
97%
Confidence
12
Reports
First seenSep 16, 2022
Last seenJun 5, 2026
GeolocationUS
CountryUnited States
LocationAtlanta, Georgia
ASNAS62651
OrgNetprotect
Coords33.7489, -84.3879
ProxyHosting

VirusTotal

Not checked

WHOIS

description
CC=US ASN=AS62651 NETPROTECT-62651

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 9 days ago
Appeared in 12 threat reports