IOC Radar
IP · Medium · Signal 70/100

64.53.7.231

Location
United States
Summerville, South Carolina
ASN
AS16863
Spirit Communications
First Seen
Mar 15, 2025 (469d ago)
Last Seen
Jun 13, 2026 (15d ago)
Reports
29 source reports
Confidence
70% (medium)
VirusTotal
8/91 detections
Found in 29 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

48 techniques

Network Information

Country: United States (US)
Region: Summerville, South Carolina
ASN: AS16863
Organization: Spirit Communications

IP Category

VPN
VPN exit node

Feed Intelligence Summary

Source reports
29
Confidence score
70%
Category tags
abuse, access control, account access, account compromise, account enumeration, account takeover attempt, account-compromise, active scan, active scanning, adbhoney honeypot, adresse ip, apache, apache attacker, apt, asia, attack, attacker ip addresses, authentication, authentication abuse, authentication attack, authentication brute force, authentication bypass, authentication-failure, azure ad,
bad reputation, bad web bot, banking, belgium, belgium ip addresses, blocklist_all, botnet, botnet activity, brute force, brute force attack, brute force attacker, brute force attempt, brute force attempts, brute-force, brute-force attack, bruteforce,
c2 communication, c2 server, cisco, cisco device, cisco exploitation attempt, cisco exploitation attempts, cloud account security, cloud environment, cloud infrastructure, cloud infrastructure attack, cloud services, command & control, command and control, communication protocol, compromised credentials, compromised host, compromised hosts, cowrie, cowrie honeypot, cowrie ssh activity, credential access, credential attack, credential brute force, credential compromise, credential harvesting, credential stuffing, credential-access, credential-dumping, credential-harvesting, credit card services, cta,
data exfiltration, data store exposure, data theft, ddos, ddos attack, decoy system, denial of service, device management, digital ocean, digitalocean infrastructure, distributed attacks,
email, email-protocol, enterprise networking, env-hunting, europe, exploitation activity, exploited host,
finance, finance and insurance, financial services, financial technology, finland, finland activity, fnt-secure-sentinel, fnt-sentinel, france, fraud orders, fraud voip, ftp brute force,
germany, hacking, honeynet connect, honeytrap honeypot, http brute force,
identity & access exploitation, imap, imap attack, imap brute force, indicator, information technology, initial access, injection activity, internet-facing assets, ioc, ipv4, it infrastructure,
lamp, lamp exploitation attempts, lamp stack targeting, lateral movement, login attack, login attempt, login attempts, login brute force, login-attack,
malaysia, malicious activity, malicious activity detected, malicious host, malicious ips, malicious software, malicious-ip, malware, malware behaviour, malware capture, malware distribution, microsoft entra, microsoft entra id, multiple accounts targeted, multiple users, multiple users affected,
network, network attacks, network brute force, network discovery, network infrastructure, network intrusion, network probing, network protocol, network reconnaissance, network scanning, network security, network service scanning, network traffic analysis, network-protocol, nginx, north america,
opencti, opportunistic attack,
password attack, password attacks, password cracking, password spraying, password-attack, payment processing, phishing, phishing attack, poland, pop3 brute force, portscan, potential-ato, private, process injection, project_gifted1, protocol exploitation,
reconnaissance, remote access, remote services, researched, resource hijacking,
sasl, sasl authentication, sasl authentication attack, sasl brute force, scams & fraud, scanner, scanners, scanning activity, security operations, security policy, service scan, sftp, sftp access attempt, sftp attack, smtp, smtp attacker, smtp brute force, smtp-attack, social engineering, software development, spam, ssh, ssh attack, ssh monitoring, ssh-brute, sweden,
t1021, t1021.001, t1021.004, t1040, t1041, t1046, t1055, t1059, t1071, t1071.001, t1076, t1078, t1078.002, t1078.004, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1573, t1573.001, t1588, t1588.004, t1589, t1589.002, t1590, t1595, t1595.001, t1595.002, t1595.003, t1598, t1598.003,
tcp, tcp brute force, tcp protocol, tcp protocol attack, tcp scan, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, turkey,
udp scan, unauthorized access, unauthorized access attempt, unauthorized login attempts, united states, us,
vpn, vpn ip, vulnerability scan, vultr,
wealth management, web app attack, web application attack, web exploitation, web spam, worker_strike

Activity Timeline

1 total observation (Jun 13)

Threat Activity Heatmap

Peak: 2026-06-13
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 70
Confidence: 70%
Reports: 29
First seen: Mar 15, 2025
Last seen: Jun 13, 2026
Geolocation: US
Country: United States
Location: Summerville, South Carolina
ASN: AS16863
Org: Spirit Communications
Coords: 32.7765, -79.9310
VPN

VirusTotal

8/91 vendors flagged
9% detection rate · Jun 14, 2026

WHOIS

Spirit Communications IAVE-2 (NET-64-53-0-0-1) 64.53.0.0 - 64.53.127.255
Home Telephone Company, Inc. IA-64-53-7-1 (NET-64-53-7-0-1) 64.53.7.0 - 64.53.7.255

IOC Journey

medium
First detected 1 year ago · Last seen 15 days ago
Appeared in 29 threat reports