IOC Radar
IP · Medium · Signal 100/100

66.45.238.26

Location
United States
Secaucus, New Jersey
ASN
AS19318
Interserver, Inc
First Seen
Feb 4, 2025 (506d ago)
Last Seen
Feb 28, 2026 (117d ago)
Reports
10 source reports
Confidence
99% (medium)
VirusTotal
3/91 detections
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

33 techniques

Network Information

Country: US (United States)
Region: Secaucus, New Jersey
ASN: AS19318
Organization: Interserver, Inc

IP Category

Hosting
Hosting provider

Feed Intelligence Summary

Source reports: 10
Confidence score: 99%
Category tags
abuse, access, active scanning, attack, authentication attempts, botnet, brute force, brute force attack, command and control, communication protocol, cowrie, cowrie activity, cowrie honeypot, cowrie ssh attacks, credential access, credential harvesting, credential stuffing, cta, data exfiltration, decoy system, dionaea activity, dionaea honeypot, dionaea malware collection, distributed attacks, email, ftp brute force, github, groups, honeytrap honeypot, indicator, lamp, lateral movement, mailoney honeypot, malicious activity, malicious sip activity, malicious software, malicious traffic, malware, malware behaviour, malware capture, network, network enumeration, network probing, network scanning, network security, north america, password attacks, phishing, phishing attack, phishing trap, potential malicious activity, process injection, python, reconnaissance, researched, resource hijacking, scanner, script, sentrypeer botnet, service enumeration, sftp, sftp access attempts, sftp attack, sip brute force, sip scanning, slug, smtp brute force, social engineering, ssh, ssh attack, ssh monitoring, surface web, t1021, t1021.004, t1040, t1041, t1055, t1059, t1059.004, t1071.001, t1078, t1078.001, t1078.002, t1078.003, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat detection, threat intelligence, unauthorized access attempts, unidentified attacker, united states, us, voip, voip attack

Activity Timeline

1 total obs
Feb 28

Threat Activity Heatmap

Peak: 2026-02-28
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Coords: 40.7862, -74.0743

VirusTotal

3/91 vendors flagged
3% detection rate · Jun 7, 2026

WHOIS

description
Unknown source type: h0neytr4p
raw
NetRange: 66.45.224.0 - 66.45.255.255
CIDR: 66.45.224.0/19
NetName: INTERSERVER
NetHandle: NET-66-45-224-0-1
Parent: NET66 (NET-66-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS19318
Organization: Interserver, Inc (INTER-83)
RegDate: 2003-09-23
Updated: 2012-02-24
Comment: Please use [email protected] for all abuse reports.
Ref: https://rdap.arin.net/registry/ip/66.45.224.0
OrgName: Interserver, Inc
OrgId: INTER-83
Address: 110 Meadowlands Pkwy
Address: 1st Floor
City: Secaucus
StateProv: NJ
PostalCode: 07094
Country: US
RegDate: 2003-03-17
Updated: 2024-11-25
Comment: Please use https://www.interserver.net/contact-information.html for all abuse complaints.
Comment:
Comment: DMCA registered agent [email protected]
Ref: https://rdap.arin.net/registry/entity/INTER-83
ReferralServer: rwhois://rwhois.trouble-free.net:4321
OrgTechHandle: NOC1390-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-201-605-1440
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
OrgAbuseHandle: NOC1390-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-201-605-1440
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
OrgNOCHandle: NOC1390-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-201-605-1440
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
RTechHandle: MLA13-ARIN
RTechName: Lavrik, Michael
RTechPhone: +1-201-605-1440
RTechEmail: [email protected]
RTechRef: https://rdap.arin.net/registry/entity/MLA13-ARIN
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 10 threat reports