IOC Radar
IP · Medium · Signal 65/100

47.254.28.88

Location: Minkler, California, United States
ASN: AS45102 (Alibaba Cloud - US)
First Seen: Jan 21, 2026 (153d ago)
Last Seen: Jun 12, 2026 (11d ago)
Reports: 13 source reports
Confidence: 65% (medium)
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 65%
Signal Score: 65 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: US (United States)
Region: Minkler, California
ASN: AS45102
Organization: Alibaba Cloud - US

Feed Intelligence Summary

Source reports: 13
Confidence score: 65%
Category tags
abuse, account compromise, active scan, active scanning, asia, attack, australia, bad reputation, bad web bot, blocklist_all, botnet, botnet activity, brute force, brute force attack, brute force attacker, brute-force, bruteforce, cisco device, civil services, cloud infrastructure, cloud infrastructure attack, cloud services, communication protocol, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database attack, database security, ddos, ddos attack, decoy system, denial of service, device management, digital ocean, digitalocean ips, dionaea, dionaea honeypot, enterprise networking, exploit, exploit public-facing application, exploitation activity, exploited host, fatt, fraud orders, ftp, ftp brute force, ftp brute-force, government technology, hacking, honeytrap honeypot, http scanner, identity & access exploitation, indicator, information technology, infrastructure targeting, injection activity, injection attacks, intrusion detection, iot security, iot targeted, ipv4, it infrastructure, japan, lamp, mailoney honeypot, malicious activity, malware, malware behaviour, malware capture, malware distribution, network, network attacks, network discovery, network infrastructure, network intrusion attempts, network port scanning, network probing, network protocol, network reconnaissance, network scanning, network security, north america, oceania, open port detection, p0f, password attacks, phishing, phishing attack, phishing trap, portscan, protocol exploitation, public administration, public infrastructure, public policy, reconnaissance, regulatory agencies, remote access, remote services, researched, resource hijacking, scams & fraud, scanner, scanners, scanning activity, security operations, sensor-tagged, sentrypeer botnet, service enumeration, service scan, sftp attack, smtp, social engineering, software development, ssh, ssh attack, ssh monitoring, syn, system access, t1016, t1021, t1021.001, t1040, t1041, t1046, t1059, t1059.003, t1071, t1071.001, t1076, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1486, t1496, t1498, t1499.001, t1499.002, t1499.003, t1563, t1566.001, t1566.002, t1566.003, t1589, t1590, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp protocol, tcp scanning, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, tpot, unauthorized access, united states, us, voip, voip attack, vulnerability scan, vulnerability-exploitation, vultr, web app attack, web application attack, web exploit, web exploitation, web traffic

Activity Timeline

1 total obs (Jun 12 to Jun 12)

Threat Activity Heatmap

[Heatmap: activity by week, Jun through Jun. Peak: 2026-06-12]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 65
Confidence: 65%
Reports: 13
First seen: Jan 21, 2026
Last seen: Jun 12, 2026
Geolocation: US
Country: United States
Location: Minkler, California
ASN: AS45102
Org: Alibaba Cloud - US
Coords: 36.7783, -119.4180

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot

IOC Journey

medium
First detected 5 months ago · Last seen 11 days ago
Appeared in 13 threat reports