IOC Radar
IPMediumSignal 83/100

66.45.231.201

Location
United StatesUnited States
Secaucus, New Jersey
ASN
AS19318
Interserver, Inc
First Seen
Aug 26, 2020
Last Seen
Apr 23, 2026
Aug 26
First Seen
2114d ago
Apr 23
Last Seen
49d ago
14
Reports
source reports
83%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
83%
Signal Score
83 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryUSUnited States
RegionSecaucus, New Jersey
ASNAS19318
OrganizationInterserver, Inc

Feed Intelligence Summary

14 reports83% confidence
14
Source reports
83%
Confidence score
Category tags
abuseactive scanactive scanningbad reputationbrute forcebrute force attackbrute force attackerbrute-forcebruteforcecredential accesscredential stuffingexploitation activityidentity & access exploitationindicatornetworknorth americapassword attacksportscanransomwarereconnaissanceresearchedscannerscannersservice scansocradar honeypotsshssh attackt1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003united statesvultr

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
83
SIGNAL
Signal Score
83%
Confidence
14
Reports
First seenAug 26, 2020
Last seenApr 23, 2026
GeolocationUS
CountryUnited States
LocationSecaucus, New Jersey
ASNAS19318
OrgInterserver, Inc
Coords40.7862, -74.0743

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected attempting to brute force SSH on Vultr Tokyo (Japan) honeypot
raw
NetRange: 66.45.224.0 - 66.45.255.255 CIDR: 66.45.224.0/19 NetName: INTERSERVER NetHandle: NET-66-45-224-0-1 Parent: NET66 (NET-66-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Interserver, Inc (INTER-83) RegDate: 2003-09-23 Updated: 2012-02-24 Comment: Please use [email protected] for all abuse reports. Ref: https://rdap.arin.net/registry/ip/66.45.224.0 OrgName: Interserver, Inc OrgId: INTER-83 Address: 110 Meadowlands Pkwy Address: 1st Floor City: Secaucus StateProv: NJ PostalCode: 07094 Country: US RegDate: 2003-03-17 Updated: 2024-11-25 Comment: Please use https://www.interserver.net/contact-information.html for all abuse complaints. Comment: Comment: DMCA registered agent [email protected] Ref: https://rdap.arin.net/registry/entity/INTER-83 ReferralServer: rwhois://rwhois.trouble-free.net:4321 OrgTechHandle: NOC1390-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-201-605-1440 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN OrgNOCHandle: NOC1390-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-201-605-1440 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN OrgAbuseHandle: NOC1390-ARIN OrgAbuseName: Network Operations Center OrgAbusePhone: +1-201-605-1440 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN RTechHandle: MLA13-ARIN RTechName: Lavrik, Michael RTechPhone: +1-201-605-1440 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/MLA13-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 1 month ago
Appeared in 14 threat reports