IPMediumSignal 51/100
134.209.102.173
Location
SingaporeSingapore, South West
ASN
AS14061
DigitalOcean, LLC
First Seen
Nov 12, 2025
Last Seen
Jun 2, 2026
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountrySingapore
SingaporeRegionSingapore, South West
ASNAS14061
OrganizationDigitalOcean, LLC
Feed Intelligence Summary
22 reports51% confidence
22
Source reports
51%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningapacheapache attackeraptasiaattackauthentication attemptautomated attackbad reputationbad web botbotnet activitybrute forcebrute force attackbrute force attemptbrute-forcecommunication protocolcowriecowrie datacowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosddos attackdecoy systemdenial of serviceexploitation activityexploited hostftpftp brute forceftp brute-forcehackinghoneytrap honeypothttp scannerhttp scanninghttpsidentity & access exploitationimapimap attackindiaindicatorlamplamp stack attacklogin attemptmalaysiamalicious activitymalwarenetworknetwork attacksnetwork intrusionnetwork protocolnetwork scanningnetwork securitynetwork service scanningopenctipassword attackpassword attackspassword sprayingphishingphishing attackpossible mirai variantprotocol exploitationransomwarereconnaissanceremote accessremote access attemptremote servicesresearchedscannerscannerssecurity policyself-signedservice scansftpsftp activitysftp attacksgsingaporesmtpsmtp attackersocial engineeringsocradar honeypotspamsshssh attackssh monitoringt1021t1021.001t1021.004t1040t1041t1059t1059.004t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1499.002t1499.003t1563t1566.001t1566.002t1566.003t1589t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodeudp port scanunauthorized login attemptsweb application attackweb exploitationweb spamweb traffic
Activity Timeline
Jun 2Jun 2
Threat Activity Heatmap
· Peak: 2026-06-02LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
22
Reports
First seenNov 12, 2025
Last seenJun 2, 2026
GeolocationSG
CountrySingapore
LocationSingapore, South West
ASNAS14061
OrgDigitalOcean, LLC
Coords1.3078, 103.6818
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 134.0.0.0 - 134.255.255.255 netname: ERX-NETBLOCK descr: Early registration addresses country: AU admin-c: IANA1-AP tech-c: IANA1-AP abuse-c: AA1452-AP status: ALLOCATED PORTABLE remarks: ------------------------------------------------------ remarks: Important: remarks: remarks: Networks in this range were allocated by InterNIC remarks: prior to the formation of Regional Internet remarks: Registries (RIRs): AfriNIC, APNIC, ARIN, LACNIC and RIPE NCC. remarks: remarks: Address ranges from this historical space have now remarks: been transferred to the appropriate RIR database.remarks: remarks: If your search has returned this record, it means the remarks: address range is not administered by APNIC. remarks: remarks: Instead, please search one of the following databases: remarks: remarks: - AfriNIC (Africa) remarks: website: http://www.afrinic.net/ remarks: command line: whois.afrinic.net remarks: remarks: - ARIN (Northern America) remarks: website: http://www.arin.net/ remarks: command line: whois.arin.net remarks: remarks: - LACNIC (Latin America and the Carribean) remarks: website: http://www.lacnic.net/ remarks: command line: whois.lacnic.net remarks: remarks: - RIPE NCC (Europe) remarks: website: http://www.ripe.net/ remarks: command line: whois.ripe.net remarks: remarks: For information on the Early Registration Transfer remarks: (ERX) project, see: remarks: remarks: http://www.apnic.net/db/erx remarks: remarks: ------------------------------------------------------ mnt-by: APNIC-HM mnt-lower: APNIC-HM mnt-irt: IRT-APNIC-AP last-modified: 2022-07-12T12:22:48Z source: APNIC irt: IRT-APNIC-AP address: Brisbane, Australia e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HM20-AP tech-c: NO4-AP remarks: APNIC is a Regional Internet Registry. remarks: We do not operate the referring network and remarks: are unable to investigate complaints of network abuse. remarks: For information about IRT, see www.apnic.net/irt remarks: [email protected] was validated on 2020-02-03 auth: # Filtered mnt-by: APNIC-HM last-modified: 2025-11-18T00:26:21Z source: APNIC role: ABUSE APNICAP country: ZZ address: Brisbane, Australia phone: +000000000 e-mail: [email protected] admin-c: HM20-AP tech-c: NO4-AP nic-hdl: AA1452-AP remarks: Generated from irt object IRT-APNIC-AP remarks: [email protected] was validated on 2020-02-03 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-28T01:00:58Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
- references
- https://purplesynapz.com/, https://redpiranha.net, https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 7 months ago · Last seen 23 days ago
Appeared in 22 threat reports