IOC Radar
IPMediumSignal 0/100

216.218.206.68

Location
United StatesUnited States
Cazadero, California
ASN
AS6939
The Shadow Server Foundation
First Seen
Aug 26, 2020
Last Seen
Jun 7, 2026
Aug 26
First Seen
2115d ago
Jun 7
Last Seen
5d ago
2
Reports
source reports
0%
Confidence
medium
11/91
VirusTotal
detections
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryUSUnited States
RegionCazadero, California
ASNAS6939
OrganizationThe Shadow Server Foundation

Feed Intelligence Summary

2 reports0% confidence
2
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched

Activity Timeline

1 total obs
Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
2
Reports
First seenAug 26, 2020
Last seenJun 7, 2026
GeolocationUS
CountryUnited States
LocationCazadero, California
ASNAS6939
OrgThe Shadow Server Foundation
Coords37.6951, -121.9000

VirusTotal

11/ 91vendors flagged
12% detection rateJun 8, 2026

WHOIS

description
IPv4 hosts detected port scanning Vultr Paris (France) honeypot
raw
Hurricane Electric LLC HURRICANE-1 (NET-216-218-128-0-1) 216.218.128.0 - 216.218.255.255 The Shadowserver Foundation, Inc. HURRICANE-CE2897-8B8B5023 (NET-216-218-206-64-1) 216.218.206.64 - 216.218.206.127
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 5 days ago
Appeared in 2 threat reports