IPMediumSignal 67/100
104.131.116.150
Location
United StatesClifton, NJ
ASN
AS14061
Digital Ocean
First Seen
Feb 11, 2025
Last Seen
Mar 15, 2026
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
67%
Signal Score
67 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionClifton, NJ
ASNAS14061
OrganizationDigital Ocean
Feed Intelligence Summary
7 reports67% confidence
7
Source reports
67%
Confidence score
Category tags
abuseaccessactive scanningapplication reconnaissanceattackbankingbotnetbrute forcebrute force attackcms detectioncommand and controlcommand injectioncommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingcredit card servicesdata exfiltrationdatabase securitydecoy systemdenial of servicedirectory bruteforcingdirectory traversaldistributed attacksemailfinancefinance and insurancefinancial servicesfinancial technologyftp brute forcegithubgroupshoneytrap honeypothttp scannerhttpsindicatorinjection attackslamplateral movementlfimailoney honeypotmalicious activitymalicious softwaremalwarenetworknetwork enumerationnetwork probingnetwork scanningnorth americaowasppassword attackspayment processingphishingphishing attackphishing trappotential malicious activityprocess injectionpythonreconnaissanceresearchedrfiscannerscanning activityscriptservice enumerationsftpsftp attackslugsmtp brute forcesocial engineeringsshssh attackssh monitoringssrfsurface webt1021t1021.004t1041t1055t1059t1059.003t1059.004t1068t1071.001t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1203t1486t1495.001t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1583t1589t1590t1592t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat detectionunauthorized access attemptsunidentified attackerunited statesusvulnerability scanwealth managementweb application attackweb application fingerprintingweb crawlerweb exploitationweb scannerweb trafficxss
Activity Timeline
Mar 15Mar 15
Threat Activity Heatmap
· Peak: 2026-03-15LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
67
SIGNAL
Signal Score
67%
Confidence
7
Reports
First seenFeb 11, 2025
Last seenMar 15, 2026
GeolocationUS
CountryUnited States
LocationClifton, NJ
ASNAS14061
OrgDigital Ocean
Coords40.8364, -74.1403
VirusTotal
Not checked
WHOIS
- raw
- NetRange: 104.131.0.0 - 104.131.255.255 CIDR: 104.131.0.0/16 NetName: DIGITALOCEAN-104-131-0-0 NetHandle: NET-104-131-0-0-1 Parent: NET104 (NET-104-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: DigitalOcean, LLC (DO-13) RegDate: 2014-06-02 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/104.131.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 3 months ago
Appeared in 7 threat reports