IPMediumSignal 72/100

`66.132.195.82`

Location

United States

Ann Arbor, FL

ASN

AS398324

Censys, Inc.

First Seen

Mar 22, 2026

Last Seen

Jun 10, 2026

Mar 22

First Seen

79d ago

Jun 10

Last Seen

today

Reports

source reports

72%

Confidence

medium

14/91

VirusTotal

detections

Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

72%

Signal Score

72 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

32 techniques

Network Information

Country

United States

RegionAnn Arbor, FL

ASNAS398324

OrganizationCensys, Inc.

Feed Intelligence Summary

24 reports72% confidence

Source reports

72%

Confidence score

Category tags

abuseaccount compromiseactive scanactive scanningadbhoney honeypotapacheapache attackeraptattackaustraliabad reputationbad web botblocklist_allblog spambotnetbotnet activitybotnet c2brute forcebrute force attackbrute force attacksbrute-forcebruteforceciscocisco devicecivil servicescloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommunication protocolconpotconpot honeypotcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdecoy systemdenial of servicedevice managementdigital oceandionaeadionaea honeypotelasticpot honeypotelasticsearch monitoringemailenterprise networkingexploitexploitation activityexploited hostfattfraud voipftpftp brute-forcegalahgovernment technologyhackinghoneytrap honeypothttphttp scannerics securityidentity & access exploitationimapimap attackindicatorindustrial control systemsinformation technologyinjection activityinjection attacksiot securityiot targetediot/ics attackipphoney honeypotit infrastructurelampmailoney honeypotmalicious activitymalicious ip addressesmalwaremalware behaviourmalware capturenetworknetwork infrastructurenetwork intrusion attemptsnetwork scanningnetwork securitynorth americaoceaniap0fpassword attacksphishingphishing attackphishing trapportscanprotocol exploitationpublic administrationpublic infrastructurepublic policyransomwarereconnaissanceredis honeypotredishoneypotregulatory agenciesremote accessremote servicesresearchedresource hijackingsansscams & fraudscanscannerscannersscanning activitysecurity operationssensor-taggedsentrypeer botnetservice scansftpsftp attacksipsmtpsmtp attackersocial engineeringsocradar honeypotsoftware developmentspamsql injectionsshssh attackssh monitoringsystem accesst-pott1021t1021.001t1040t1041t1046t1059.003t1071t1071.001t1076t1078t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1498t1499.001t1499.002t1563t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotunited statesusvoipvoip attackvulnerability scanvulnerability-exploitationvultrweb app attackweb application attackweb exploitweb exploitationweb spamweb traffic

Activity Timeline

1 total obs

Jun 10Jun 10

Threat Activity Heatmap

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Minimal

30d

Minimal

3mo

Minimal

Threat ScoreHigh Risk

SIGNAL

Signal Score

72%

Confidence

Reports

First seenMar 22, 2026

Last seenJun 10, 2026

GeolocationUS

CountryUnited States

LocationAnn Arbor, FL

ASNAS398324

OrgCensys, Inc.

Coords25.8025, -80.3407

VirusTotal

14/ 91vendors flagged

15% detection rateJun 10, 2026

WHOIS

description: IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot
raw: NetRange: 66.132.195.0 - 66.132.195.255 CIDR: 66.132.195.0/24 NetName: CENSY NetHandle: NET-66-132-195-0-1 Parent: NET66 (NET-66-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Censys, Inc. (CENSY) RegDate: 2024-05-14 Updated: 2024-05-14 Ref: https://rdap.arin.net/registry/ip/66.132.195.0 OrgName: Censys, Inc. OrgId: CENSY Address: 116 1/2 S Main Street City: Ann Arbor StateProv: MI PostalCode: 48104 Country: US RegDate: 2018-08-06 Updated: 2019-08-03 Comment: https://censys.io Ref: https://rdap.arin.net/registry/entity/CENSY OrgAbuseHandle: CAT20-ARIN OrgAbuseName: Censys Abuse Team OrgAbusePhone: +1-248-629-0125 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/CAT20-ARIN OrgTechHandle: COT12-ARIN OrgTechName: Censys Operations Team OrgTechPhone: +1-248-629-0125 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/COT12-ARIN OrgNOCHandle: COT12-ARIN OrgNOCName: Censys Operations Team OrgNOCPhone: +1-248-629-0125 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/COT12-ARIN
references: https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-05-31/, https://jamesbrine.com.au, https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-05-01/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-29/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-28/, https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-25/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-24/, https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-23/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-18/, https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-18/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-05-17/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-17/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-12/, https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-12/, https://jamesbrine.com.au/digitaloceantoronto-portscan-bruteforce-ip-list-2026-04-11/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-05-10/, https://jamesbrine.com.au/digitaloceantoronto-portscan-bruteforce-ip-list-2026-04-09/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-08/, https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-07/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-07/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-05-07/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-06/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-05-05/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-05-05/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-05/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-04/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-04-04/, https://jamesbrine.com.au/digitaloceantoronto-portscan-bruteforce-ip-list-2026-05-03/, https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-03/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-05-02/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-05-02/, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-02/, https://jamesbrine.com.au/digitaloceantoronto-portscan-bruteforce-ip-list-2026-03-30/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-03-28/, https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-03-26/, https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, ip_iocs.csv, https://redpiranha.net

`66.132.195.82`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy