IOC Radar
IPMediumSignal 0/100

4.156.21.72

Location
United KingdomUnited Kingdom
Boydton, Virginia
ASN
AS8075
Microsoft Azure Cloud (eastus)
First Seen
Mar 4, 2025
Last Seen
Apr 5, 2025
Mar 4
First Seen
475d ago
Apr 5
Last Seen
443d ago
1
Reports
source reports
0%
Confidence
medium
Found in 1 report. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryGBUnited Kingdom
RegionBoydton, Virginia
ASNAS8075
OrganizationMicrosoft Azure Cloud (eastus)

Feed Intelligence Summary

1 report0% confidence
1
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched

Activity Timeline

1 total obs
Apr 5Apr 5

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC) for the IP address 4.156.21.72 has been identified as benign and low-risk. Its inclusion on a whitelist, coupled with an exceptionally low threat score of 0.0, strongly indicates that this IP address is not associated with malicious activity. Consequently, there is no immediate or significant threat posed to the organization from this particular indicator. While it appears in threat intelligence feeds, this presence does not, by itself, signify hostile behavior…

Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
1
Reports
First seenMar 4, 2025
Last seenApr 5, 2025
GeolocationGB
CountryUnited Kingdom
LocationBoydton, Virginia
ASNAS8075
OrgMicrosoft Azure Cloud (eastus)
Coords36.6777, -78.3747

VirusTotal

Not checked

WHOIS

description
[hp3] Honeypot: Honeytrap : 4.156.21.72:7001 :Malicious Activity: {'protocol': 'tcp', 'payload': {'md5_hash': 'ca8f5909bee714f56b3c5d5ec5ec55b2', 'length': 113, 'data_hex': '474554202f20485454502f312e310d0a486f73743a2039392e31382e32362e32313a373030310d0a557365722d4167656e743a204d6f7a696c6c612f352e30207a677261622f302e780d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a', 'sha512_hash': '24619d8606312980ff8d623e2cb768472d2075cd92b92caf18d8f3b1829e31cafe42fdc40d0daf5d02ef91933e452e32d906baa333330be3baee283c7660fdeb'}} : {'remote_ip': '0.0.0.0', 'remote_port': 0, 'local_port': 0, 'local_ip': '0.0.0.0', 'protocol': 'ip', 'payload': {'md5_hash': 'd41d8cd98f00b204e9800998ecf8427e', 'length': 0, 'data_hex': '', 'sha512_hash': 'cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e'}}

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 year ago
Appeared in 1 threat report