IPMediumSignal 68/100

`216.25.89.71`

Location

United States

Santa Clara, GA

ASN

AS396982

Palo Alto Networks, Inc

First Seen

Apr 24, 2026

Last Seen

Jun 22, 2026

Apr 24

First Seen

59d ago

Jun 22

Last Seen

today

Reports

source reports

68%

Confidence

medium

Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

68%

Signal Score

68 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

1 techniques

Network Information

Country

United States

RegionSanta Clara, GA

ASNAS396982

OrganizationPalo Alto Networks, Inc

Feed Intelligence Summary

12 reports68% confidence

Source reports

68%

Confidence score

Category tags

abuseactive scanadminaptbad reputationbad web botbotnetbotnet activitybrute forcebrute force attackerbrute-forcecowrieddosddos attackdigital oceandionaeaexploitation activityexploited hostfattfraud voipftp brute-forcehackinginbound scanindicatorinjection activityiot securityiot targetedmalicious ipmirainetworknorth americap0fping of deathportscanrdpresearchedscams & fraudscanscannerscannerssensor-taggedservice scansql injectionssht-pott1595tannertargeting databasetcptelnetthreat actortor nodetpotunited statesusvultrweb app attackwinwindows

Activity Timeline

1 total obs

Jun 22Jun 22

Threat Activity Heatmap

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

Minimal

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

68%

Confidence

Reports

First seenApr 24, 2026

Last seenJun 22, 2026

GeolocationUS

CountryUnited States

LocationSanta Clara, GA

ASNAS396982

OrgPalo Alto Networks, Inc

Coords33.7485, -84.3871

VirusTotal

Not checked

WHOIS

description: Observed on T-Pot within last 24h; sensors=p0f; threshold?1; private IPs excluded. geo=US; ports=4002 Location=Sydney, Australia.
raw: NetRange: 216.25.88.0 - 216.25.95.255 CIDR: 216.25.88.0/21 NetName: PAN-22 NetHandle: NET-216-25-88-0-1 Parent: NET216 (NET-216-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Palo Alto Networks, Inc (PAN-22) RegDate: 2024-09-19 Updated: 2024-09-19 Ref: https://rdap.arin.net/registry/ip/216.25.88.0 OrgName: Palo Alto Networks, Inc OrgId: PAN-22 Address: Palo Alto Networks Address: 3000 Tannery Way Address: Santa Clara, CA 95054 City: Santa Clara StateProv: CA PostalCode: 95054 Country: US RegDate: 2017-11-22 Updated: 2024-11-25 Ref: https://rdap.arin.net/registry/entity/PAN-22 OrgTechHandle: GNS20-ARIN OrgTechName: Global Network Services OrgTechPhone: +1-408-753-4000 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/GNS20-ARIN OrgAbuseHandle: IPABU42-ARIN OrgAbuseName: IP Abuse OrgAbusePhone: +1-408-753-4000 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/IPABU42-ARIN

`216.25.89.71`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey