IOC Radar
IP · Medium · Signal 100/100

99.145.84.238

Location
United States
Pleasant Grove, Alabama
ASN
AS7018
AT&T Corp
First Seen
Jun 16, 2022 (1457d ago)
Last Seen
Feb 8, 2026 (124d ago)
24
Reports
source reports
99%
Confidence
medium
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

54 techniques

Network Information

Country: US (United States)
Region: Pleasant Grove, Alabama
ASN: AS7018
Organization: AT&T Corp

Feed Intelligence Summary

Source reports: 24
Confidence score: 99%
Category tags
abuse, access control, account compromise, ack scan, active scanning, adbhoney honeypot, apache, apache attacker, attack, auto-generated security, blacklist candidate, blacklisted ip, botnet, botnet activity, brute force, brute force attack, brute force attacks, brute force attempt, brute force attempts, c2 communication, cisco device, cisco exploitation attempt, cisco exploitation attempts, command and control, communication protocol, communication security, compromised credentials, compromised hosts, conpot honeypot, cowrie activity, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, ddos attack, ddos attacks, decoy system, device management, dionaea activity, dionaea honeypot, distributed attacks, enterprise networking, enumeration, exploit, exploitation of privilege, fin scan, ftp brute force, honeytrap honeypot, http brute force, ics security, indicator, industrial control systems, infrastructure acquisitionreconnaissance, initial access, internet of things, intrusion detection, ioc, iot botnet, iot/ics attack, kfsensor honeypot, lamp, lateral movement, login, mailoney honeypot, malicious activity, malicious domain, malicious network activity, malicious software, malware, malware behaviour, malware capture, malware distribution, manual, masscan activity, mirai botnet, network, network attacks, network infrastructure, network intrusion, network intrusion attempts, network probing, network reconnaissance, network scanning, network security, network service scanning, nmap scan detected, north america, null scan, password attacks, phishing, phishing attack, phishing trap, possible vulnerability probing, potential exploit targeting, potential malware deployment, potential reconnaissance activity, process injection, protocol exploitation, reconnaissance, reconnaissance activity, remote access, remote services, researched, resource development, resource hijacking, scan, scanner, scanning activity, security policy, sentrypeer activity, sentrypeer botnet, service discovery, sftp activity, sftp attack, sip brute force, smtp brute force, smtp probing, social engineering, ssh attack, ssh monitoring, stealth scan, syn scan, t1005, t1016, t1018, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1053, t1055, t1056.001, t1059, t1059.001, t1059.004, t1068, t1071, t1071.001, t1076, t1078, t1078.004, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1189, t1190, t1195.002, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1568, t1587.001, t1588, t1590.001, t1595, t1595.001, t1595.002, t1595.003, tanner, tcp protocol, tcp/23, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tpot, tpotce, tsec, udp port scan, unauthorized access attempt, unauthorized access attempts, united states, us, voip, voip attack, vulnerability, xmas scan

Activity Timeline

1 total obs
Feb 8

Threat Activity Heatmap

Peak: 2026-02-08
[Heatmap: activity by weekday (Mon, Wed, Fri rows) across months Jun through Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 24
First seen: Jun 16, 2022
Last seen: Feb 8, 2026
Geolocation: US
Country: United States
Location: Pleasant Grove, Alabama
ASN: AS7018
Org: AT&T Corp
Coords: 33.4705, -87.0424

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 81 Skype. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
NetRange: 99.145.0.0 - 99.149.255.255
CIDR: 99.146.0.0/15, 99.148.0.0/15, 99.145.0.0/16
NetName: SBCIS-SBIS-6BLK
NetHandle: NET-99-145-0-0-1
Parent: NET99 (NET-99-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: AT&T Enterprises, LLC (AEL-360)
RegDate: 2007-08-29
Updated: 2024-12-05
Ref: https://rdap.arin.net/registry/ip/99.145.0.0

OrgName: AT&T Enterprises, LLC
OrgId: AEL-360
Address: 208 S. Akard St.
City: Dallas
StateProv: TX
PostalCode: 75202
Country: US
RegDate: 2024-11-22
Updated: 2025-07-21
Ref: https://rdap.arin.net/registry/entity/AEL-360

OrgAbuseHandle: ABUSE7-ARIN
OrgAbuseName: abuse
OrgAbusePhone: +1-919-319-8167
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE7-ARIN

OrgRoutingHandle: ROUTI59-ARIN
OrgRoutingName: Routing POC
OrgRoutingPhone: +1-999-999-9999
OrgRoutingEmail: [email protected]
OrgRoutingRef: https://rdap.arin.net/registry/entity/ROUTI59-ARIN

OrgTechHandle: ZS44-ARIN
OrgTechName: IPAdmin-ATT Internet Services
OrgTechPhone: +1-888-510-5545
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/ZS44-ARIN

OrgTechHandle: ICC-ARIN
OrgTechName: IP Team
OrgTechPhone: +1-888-876-2382
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/ICC-ARIN


IOC Journey

medium
First detected 4 years ago · Last seen 4 months ago
Appeared in 24 threat reports