IOC Radar
IPMediumSignal 71/100

66.132.224.88

Location
United StatesUnited States
Ann Arbor, Florida
ASN
AS398324
Censys Inc
First Seen
Mar 21, 2026
Last Seen
Jun 17, 2026
Mar 21
First Seen
98d ago
Jun 17
Last Seen
10d ago
20
Reports
source reports
71%
Confidence
medium
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

32 techniques

Network Information

CountryUSUnited States
RegionAnn Arbor, Florida
ASNAS398324
OrganizationCensys Inc

Feed Intelligence Summary

20 reports71% confidence
20
Source reports
71%
Confidence score
Category tags
abuseaccount compromiseactive scanactive scanningaptattackaustraliaautomated-attackbad reputationbad web botblocklist_allbotnetbotnet activitybotnet c2botnet-activitybrute forcebrute force attackbrute force attacksbrute-forcebruteforcecisco devicecivil servicescloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommunication protocolcowriecowrie honeypotcredential accesscredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase attackdatabase securitydatabase-serverddosddos attackdecoy systemdenial of servicedevice managementdigital oceandionaeadionaea honeypotencryptionenterprise networkingexploitexploit attemptexploitation activityexploited hostfattftpftp brute-forcegovernment technologyhackinghoneytrap honeypothttp scanneridentity & access exploitationimapimap attackindicatorinformation technologyinitial accessinjection activityinjection attacksinternet-facing attackiot securityiot targetedip-address-iocipv4it infrastructurelamplateral movementlinux-systemmailoney honeypotmalicious activitymalicious ip addressesmalwaremalware behaviourmalware capturenetworknetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork protocolnetwork scanningnetwork securitynetwork-devicenorth americaoceaniaopencanaryp0fpassword attacksphishingphishing attackphishing trapportscanprotocol exploitationpublic administrationpublic infrastructurepublic policyransomwareraspberry-pireconnaissanceregulatory agenciesremote accessremote servicesresearchedresource hijackingsansscannerscannersscanning activitysecurity operationssensor-taggedsentrypeer botnetservice scansftp attacksmtpsmtp attackersocradar honeypotsoftware developmentspamsql injectionsshssh attackssh monitoringsystem accesst-pott1021t1021.001t1021.002t1040t1041t1046t1059.003t1071t1071.001t1076t1077t1078t1078: valid accountst1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1210t1486t1496t1498t1499.001t1499.002t1563t1595t1595.001t1595.002t1595.002: vulnerability scanningt1595.003tannertargeting databasetelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotunited statesusvoipvoip attackvulnerability scanvulnerability-exploitationvultrweb app attackweb application attackweb exploitweb exploitationweb spamweb trafficweb-server

Activity Timeline

1 total obs
Jun 17Jun 17

Threat Activity Heatmap

· Peak: 2026-06-17
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
20
Reports
First seenMar 21, 2026
Last seenJun 17, 2026
GeolocationUS
CountryUnited States
LocationAnn Arbor, Florida
ASNAS398324
OrgCensys Inc
Coords25.7617, -80.1918

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 10 days ago
Appeared in 20 threat reports