IOC Radar
IP · Medium · Signal 45/100

66.175.211.144

Location
United States
Cedar Knolls, New Jersey
ASN
AS63949
Linode
First Seen
Jul 14, 2021 (1796d ago)
Last Seen
Apr 7, 2026 (68d ago)
Reports
22 source reports
Confidence
45% (medium)
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
45%
Signal Score
45 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

46 techniques

Network Information

Country: US (United States)
Region: Cedar Knolls, New Jersey
ASN: AS63949
Organization: Linode

Feed Intelligence Summary

22 source reports · 45% confidence score
Category tags
abuse, active scan, active scanning, adbhoney activity, adbhoney honeypot, attack, authentication abuse, authentication attempts, bad reputation, bad web bot, binaryedge-benign, botnet, botnet activity, brute force, brute force attack, brute force attempts, brute_force, cisco device, cisco exploit attempts, cisco_exploit, command and control, communication protocol, cowrie activity, cowrie honeypot, cowrie interactions, cowrie_attack, credential access, credential harvesting, credential stuffing, credential_access, data exfiltration, data store exposure, ddos, ddos attack, decoy system, denial of service, device management, dionaea activity, dionaea honeypot, distributed attacks, enterprise networking, exploit, exploit probing, exploitation, exploitation activity, failed login attempts, fatt, fatt analysis, ftp attacks, ftp brute force, hacking, honeytrap activity, honeytrap honeypot, http scanner, identity & access exploitation, indicator, initial access, initial_access, injection activity, lamp, lamp exploit attempts, lamp server attack, lamp_exploit, lateral movement, lateral movement techniques, mailoney activity, mailoney honeypot, malicious activity, malicious activity detected, malicious software, malware, malware behaviour, malware capture, malware delivery, network, network discovery, network infrastructure, network intrusion attempts, network probing, network reconnaissance, network scanning, network security, network service scanning, north america, p0f, p0f signatures, password attacks, phishing, phishing attack, phishing trapping of death, potential exploit attempts, potential intrusion, process injection, protocol exploitation, ransomware, reconnaissance, remote access, remote services, researched, resource hijacking, sans, scanner, scripting attacks, sensor-tagged, sentrypeer activity, sentrypeer botnet, service scan, sftp attack, sftp_attack, sip attacks, sip brute force, sip_attack, smtp attacks, social engineering, socradar honeypot, ssh attack, ssh attacks, ssh monitoring, ssh_bruteforce, suricata alerts, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1059.007, t1068, t1071.001, t1076, t1078, t1078.002, t1087, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1199, t1203, t1204.002, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1555, t1555.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1588, t1589, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner activity, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, tpot, unauthorized login attempts, united states, verified-benign, voip, voip attack, web application attack, web application scanning, web attack, web exploitation, web traffic

Activity Timeline

1 total obs
Apr 7

Threat Activity Heatmap

Peak: 2026-04-07
[Heatmap: activity by day of week, Jun through Jun; legend from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

The IP address 66.175.211.144 has been identified as a significant Indicator of Compromise (IOC) with a score of 45.028, indicating a substantial risk to organizational security. This IOC is associated with various malicious activities observed across multiple threat intelligence feeds, including active scanning, brute-force attempts, and the exploitation of remote services. If this IP address is found to be communicating with internal systems, it could signify compromise leading to unauthorized…

Threat Score: Medium Risk
Signal Score: 45
Confidence: 45%
Reports: 22
First seen: Jul 14, 2021
Last seen: Apr 7, 2026
Geolocation: US
Country: United States
Location: Cedar Knolls, New Jersey
ASN: AS63949
Org: Linode
Coords: 40.8218, -74.4500

VirusTotal

Not checked

WHOIS

description
2025-06-03T01:43:30.000Z Honeypot : Honeytrap : Source: 66.175.211.144 : Port: 3388 Message: {'protocol': 'tcp', 'payload': {'md5_hash': '85b1084d60f8948e0958a9e90ee57966', 'length': 46, 'sha512_hash': '8e9d8f80042196eae22d56957cc7d433cb431d5a89497e53be0f2970549370a35b4d13fa7e018479f950e8ab3ae54320a928d420eb18b1eb3a82dd2f8c7b5323', 'data_hex': '0300002e29e00000000000436f6f6b69653a206d737473686173683d6c63676e316166770d0a0100080001000000'}}
raw
Akamai Technologies, Inc. LINODE-US (NET-66-175-208-0-1) 66.175.208.0 - 66.175.223.255
Linode LINODE (NET-66-175-208-0-2) 66.175.208.0 - 66.175.223.255
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 4 years ago · Last seen 2 months ago
Appeared in 22 threat reports