IPMediumSignal 51/100
81.16.152.2
Location
AustriaVienna, Vienna
ASN
AS1764
AIM Scaninfra V4 SBA Research
First Seen
May 10, 2021
Last Seen
Jun 19, 2026
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryAustria
AustriaRegionVienna, Vienna
ASNAS1764
OrganizationAIM Scaninfra V4 SBA Research
Feed Intelligence Summary
13 reports51% confidence
13
Source reports
51%
Confidence score
Category tags
abuseactive scanactive scanningattacker ipattacker-ipaustraliaaustriabad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptsbrute-forcebruteforcecommand injectioncommunication protocolcowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdenial of servicedionaea honeypotdnsdns attackeuropeexploitexploit attemptsexploitation activityexploitation attemptsexploited hostfattftpftp attackshackinghoneytrap honeypothttp scanneridentity & access exploitationinbound scanindicatorindicators of compromiseinitial accessinjection activityinjection attacksiocmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware deliverymalware distributionnetworknetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitynetwork-based attack attemptsoceaniap0fpassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationransomwarerdp attacksreconnaissanceremote accessremote servicesresearchedresource hijackingsba_research_scanner-benignscannerscanning activitysensor-taggedsentrypeer botnetserver exploitationsmtpsmtp attackssql injectionssh attackssh attacksssh monitoringt1021t1021.001t1040t1046t1055t1059t1059.003t1071t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1505.002t1565t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet attackstelnet threatthreat actorthreat detectionthreat intelligencethreat intelligence feedtor nodetpotverified-benignvnc protocolvoidtrapvoipvoip attackweb app attackweb application attackweb exploitationweb traffic
Activity Timeline
Jun 19Jun 19
Threat Activity Heatmap
· Peak: 2026-06-19LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
13
Reports
First seenMay 10, 2021
Last seenJun 19, 2026
GeolocationAT
CountryAustria
LocationVienna, Vienna
ASNAS1764
OrgAIM Scaninfra V4 SBA Research
Coords48.2081, 16.3713
VirusTotal
Not checked
WHOIS
- description
- Score: 100/100 | Detector: threat_feed | Label: reported_abuse | Tags: abuseipdb, reported
- raw
- inetnum: 81.16.152.0 - 81.16.152.7 netname: AIM-SCANINFRA-V4-SBA-RESEARCH country: AT admin-c: SSN103-RIPE tech-c: SSN103-RIPE abuse-c: SSN103-RIPE status: ASSIGNED PA remarks: --------------------------------- remarks: This network is used for research remarks: in IPv4 network measurements. remarks: More info under: remarks: https://aim.sba-research.org remarks: --------------------------------- mnt-by: AS1764-MNT created: 2022-04-20T07:29:04Z last-modified: 2024-02-20T10:27:43Z source: RIPE role: SBA-Research ScanServer NOC address: Floragasse 7, 5. OG address: 1040 Vienna address: Austria nic-hdl: SSN103-RIPE remarks: abuse-mailbox: [email protected] mnt-by: AS1764-MNT created: 2021-02-12T16:32:16Z last-modified: 2024-02-20T10:19:46Z source: RIPE # Filtered route: 81.16.152.0/21 origin: AS1764 mnt-by: AS1764-MNT created: 2016-04-20T15:14:01Z last-modified: 2016-04-20T15:14:01Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 5 years ago · Last seen 4 days ago
Appeared in 13 threat reports