IOC Radar
IPMediumSignal 32/100

7.7.7.7

Location
United StatesUnited States
Whitehall, Ohio
ASN
AS749
DoD Network Information Center
First Seen
Jan 20, 2021
Last Seen
May 6, 2026
Jan 20
First Seen
1971d ago
May 6
Last Seen
39d ago
7
Reports
source reports
32%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
32%
Signal Score
32 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

62 techniques

Network Information

CountryUSUnited States
RegionWhitehall, Ohio
ASNAS749
OrganizationDoD Network Information Center

Feed Intelligence Summary

7 reports32% confidence
7
Source reports
32%
Confidence score
Category tags
.net frameworkactive scanactive scanningamazonanti-debugartifacts of interestbad web botberbewbotnet activitybrute forcebrute force attackbrute-forcecivilcode executioncode injectioncommand executioncredential accesscredential stuffingcrimecryptocurrencycryptographic stagnationdata exfiltrationdata exfiltration attemptdata store exposureddosddos attacksdeleted file identificationdenial of servicedll injectiondmarcdnsdns attackdnssecencrypted connectionsendgameenterprise securityerroreu cyber policieseuropeexploitation activityfailfirstformbook stealergooglehackershackinghtml smugglinghtml_smugglingidentity & access exploitationindicatorinformation technologyinfostealeringress tool transferinjection activityinjection vulnerabilityintelligence agency surveillanceinternet of thingsiosiot botnetiot securityiot/ics attackit infrastructurelaw enforcement surveillancelegacy infrastructurelinuxlooklooksmacmalicious powershell activitymalicious softwaremalwaremalware campaignmemory injectionmeowmirai botnetmobilemobile securitymobile threatmodelmon junmz imagemz imagecreatednetworknorth americansonso groupoperating systemowner rightsparagonpassword attackspatch managementpegasuspeoplepotential malware storageprocess injectionprocess manipulationransomwarereconnaissanceregional securityresearchedsamsungscanidscannerscripting attackssecurity operationsserviceservice processskynetsoftware developmentsoftware vulnerabilitiessonyspyeyestealersystemic weaknesst1001t1005t1011t1018t1019t1021.001t1021.006t1027t1055t1055.001t1059t1059.001t1059.004t1059.007t1064t1069.001t1070t1071t1071.001t1071.004t1078t1078.004t1086t1088t1094t1105t1106t1110.001t1110.002t1110.003t1110.004t1114t1114.002t1190t1192t1199t1202t1203t1204.001t1204.002t1218.001t1486t1496t1499.001t1499.002t1547t1553t1553.004t1562t1563.002t1565t1566t1566.001t1573t1574t1588t1595t1595.001t1595.002t1595.003t1596.001t1596.004threat actorthreat intelligencetor nodetraffic maskingtrimtrojan downloadertrojan malwaretrust anchor degradationunited statesunsigned protocolusvulnerability scanvulnerable softwareweb application attackweb exploitationwix

Activity Timeline

1 total obs
May 6May 6

Threat Activity Heatmap

· Peak: 2026-05-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
32
SIGNAL
Signal Score
32%
Confidence
7
Reports
First seenJan 20, 2021
Last seenMay 6, 2026
GeolocationUS
CountryUnited States
LocationWhitehall, Ohio
ASNAS749
OrgDoD Network Information Center
Coords39.9664, -83.0128

VirusTotal

Not checked

WHOIS

raw
NetRange: 7.0.0.0 - 7.255.255.255 CIDR: 7.0.0.0/8 NetName: DISANET7 NetHandle: NET-7-0-0-0-1 Parent: () NetType: Direct Allocation OriginAS: Organization: DoD Network Information Center (DNIC) RegDate: 1997-11-24 Updated: 2006-04-28 Ref: https://rdap.arin.net/registry/ip/7.0.0.0 OrgName: DoD Network Information Center OrgId: DNIC Address: 3990 E. Broad Street City: Columbus StateProv: OH PostalCode: 43218 Country: US RegDate: Updated: 2025-03-13 Ref: https://rdap.arin.net/registry/entity/DNIC OrgAbuseHandle: REGIS10-ARIN OrgAbuseName: Registration OrgAbusePhone: +1-844-347-2457 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/REGIS10-ARIN OrgTechHandle: REGIS10-ARIN OrgTechName: Registration OrgTechPhone: +1-844-347-2457 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/REGIS10-ARIN OrgTechHandle: MIL-HSTMST-ARIN OrgTechName: Network DoD OrgTechPhone: +1-844-347-2457 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/MIL-HSTMST-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 1 month ago
Appeared in 7 threat reports