IOC Radar
IPMediumSignal 69/100

66.132.172.234

Location
United StatesUnited States
Ann Arbor, Michigan
ASN
AS398324
Censys Inc
First Seen
Mar 20, 2026
Last Seen
Jun 18, 2026
Mar 20
First Seen
98d ago
Jun 18
Last Seen
8d ago
14
Reports
source reports
69%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

CountryUSUnited States
RegionAnn Arbor, Michigan
ASNAS398324
OrganizationCensys Inc

Feed Intelligence Summary

14 reports69% confidence
14
Source reports
69%
Confidence score
Category tags
abuseaccount compromiseactive scanactive scanningaptasiaattackattacker-ipaustraliaautomated attackautomated multi-vector probingbad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcebrute_forcebrute_force_attackbruteforcecloud environmentcloud infrastructurecloud infrastructure attackcloud servicescode-injectioncommunication protocolcowriecowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdecoy systemdenial of servicedigital oceandionaeadionaea honeypotexploitationexploitation activityexploited hostexternal_threatfattfraud voipftpftp brute-forceftp_scanhackinghoneytrap honeypothttp scannerhttp_scanhttpsidentity & access exploitationinbound scanindicatorinfrastructure targetinginitial accessinitial-accessinitial_accessinjection activityinjection attacksinternet facing systemsinternet-facing assetsinternet_wide_scaniocsiot securityiot targetedip-addressipv4ipv4 addressesipv4 scanningipv4 trafficipv4_scanningjapanmailoney honeypotmalicious activitymalicious ipmalwaremalware behaviourmalware capturemirainetworknetwork attacksnetwork discoverynetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork scanning activitynetwork securitynetwork-attacknetwork_reconnaissancenetwork_scanningnorth americaoceaniaopportunistic attackp0fpassword attacksphishingphishing attackphishing trapping of deathport-scanportscanproduction_environment_threatprotocol exploitationransomwarerdp_scanreconnaissanceremote accessremote servicesresearchedresource hijackingscams & fraudscanscannerscanner ipscannersscanning activitysecurity operationssensor-taggedsentrypeer botnetservice scansip_brute_forcesip_viciousskypesmbsmtpsocradar honeypotsql injectionsql-injectionsshssh attackssh monitoringssh_brute_forcessh_scansystem accesst1021t1021.001t1040t1046t1059.003t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1590t1590.005t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcptcp protocoltcp scanningtelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat_actor_unknowntor nodetpotunited statesunknown threat actorusvoidtrapvoipvoip attackvulnerability scanvulnerability-scanvultrweb app attackweb application attackweb exploitweb exploitationweb trafficweb-attack

Activity Timeline

1 total obs
Jun 18Jun 18

Threat Activity Heatmap

· Peak: 2026-06-18
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
14
Reports
First seenMar 20, 2026
Last seenJun 18, 2026
GeolocationUS
CountryUnited States
LocationAnn Arbor, Michigan
ASNAS398324
OrgCensys Inc
Coords42.2809, -83.7489

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Paris (France) honeypot

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 8 days ago
Appeared in 14 threat reports