IPMediumSignal 55/100
136.144.35.131
Location
United StatesTrenton, NY
ASN
AS396356
VPN Consumer New Jersey, United States of America
First Seen
Oct 15, 2022
Last Seen
Jun 5, 2026
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionTrenton, NY
ASNAS396356
OrganizationVPN Consumer New Jersey, United States of America
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
20 reports55% confidence
20
Source reports
55%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningaerospace & defenseamadeyamadey botandroidantispamaptasiaasyncratattackaustraliaautomotive manufacturingbad reputationbad web botbankingblacklist hostblocklist_allbotnetbotnet activitybrazilbrute forcebrute force attackbrute force attacksbrute-forcec2 communicationchange healthcarecivil servicescommand & controlcommand and controlcommunication protocolcompromised hostcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingcredit card servicescryptocurrencycryptocurrency threatscryptojackingcsrmirt teamcyber securitydata encryptiondata exfiltrationdata store exposuredatabase attackddosddos attackdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedionaeadionaea honeypotdistributed attackselectronics manufacturingencryptioneuropeexploitation activityexploited hostextortionfattfinancefinance and insurancefinancial servicesfinancial technologyftpftp brute-forcegermanygovernment technologyhackinghoneytrap honeypothttp scanneridentity & access exploitationindonesiaindustrial automationindustrial iotindustrial productioninformation stealerinformation technologyinfostealerinjection activityiociot securityit infrastructurelateral movementlatest spambotlog4jlummalumma stealermailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distributionmanufacturing technologymilitary operationsmobilemobile securitymobile threatmozimozi botnetnational securitynetworknetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitynetwork traffic analysisnextraynorth americaoceaniaopen proxyp0fparaguaypassword attackspayment processingphishingphishing attackphishing trapprobingprocess injectionprocess manufacturingprotocol exploitationproxypublic administrationpublic infrastructurepublic policyquality controlransomwarereconnaissanceregulatory agenciesremote access trojanresearchedresource hijackingscannerscanningscanning activitysecurity operationssecurity policysensor-taggedsentrypeer botnetsingaporesmtpsocial engineeringsocradar honeypotsoftware developmentsouth americaspamspambotssh attackssh monitoringstealcstealc stealersupply chain attacksupply chain managementsystem accesssystem disruptiont1021t1040t1055t1059t1064t1071t1071.001t1078t1105t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204t1486t1490t1496t1499.001t1499.002t1499.003t1547t1565t1566t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003tannertargeting databasetech mahindratelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventionthreat reporttor nodetpotukraineunited statesurlhaususvoipvoip attackvpnvulnerability scanwealth managementwebweb app attackweb application attackweb exploitweb exploitationweb scannerweb spamweb trafficwebscanwebscannerxworm
Activity Timeline
Jun 5Jun 5
Threat Activity Heatmap
· Peak: 2026-06-05LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
20
Reports
First seenOct 15, 2022
Last seenJun 5, 2026
GeolocationUS
CountryUnited States
LocationTrenton, NY
ASNAS396356
OrgVPN Consumer New Jersey, United States of America
Coords40.7359, -73.9904
ProxyVPN
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected performing web attacks against Cloudflare honeypot edge
- raw
- NetRange: 136.144.16.0 - 136.144.127.255 CIDR: 136.144.16.0/20, 136.144.32.0/19, 136.144.64.0/18 NetName: RIPE NetHandle: NET-136-144-16-0-1 Parent: NET136 (NET-136-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2016-11-08 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/136.144.16.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
- references
- https://urlhaus.abuse.ch/, https://any.run/malware-trends/
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 years ago · Last seen 8 days ago
Appeared in 20 threat reports