IOC Radar
IPMediumSignal 24/100

137.184.254.222

Location
United StatesUnited States
Secaucus, New Jersey
ASN
AS14061
Digital Ocean
First Seen
Feb 26, 2025
Last Seen
Apr 5, 2026
Feb 26
First Seen
478d ago
Apr 5
Last Seen
75d ago
8
Reports
source reports
24%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
24%
Signal Score
24 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

36 techniques

Network Information

CountryUSUnited States
RegionSecaucus, New Jersey
ASNAS14061
OrganizationDigital Ocean

Feed Intelligence Summary

8 reports24% confidence
8
Source reports
24%
Confidence score
Category tags
abuseaccessactive scanactive scanningadbhoney honeypotapplication layer protocolattackbad reputationbotnetbotnet activitybrute forcebrute force attemptscommand and controlcommunication protocolcompromised credentialsconpotconpot honeypotcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase securitydecoy systemdionaeadionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringemailexploit kit activityexploit: web applicationexploitation activityftp brute forcegithubgroupshoneytrap honeypothttp request anomaliesics securityidentity & access exploitationindicatorindustrial control systemsinitial accessinjection activityiot securityiot/ics attacklamplamp exploitation attemptslamp stack targetinglateral movementmailoney honeypotmalicious activitymalicious network activitymalicious softwaremalwaremalware behaviourmalware capturemalware detectionmalware hostingnetworknetwork intrusionnetwork intrusion attemptsnetwork reconnaissancenetwork scanningnetwork securitynorth americaphishingphishing attackphishing trappotential malware distributionprocess injectionpythonreconnaissanceremote access attemptsresearchedresource hijackingscannerscanning activityscriptsentrypeer botnetsftpsftp attacksipsip enumerationsip vulnerability scanningslugsmtp probingsocial engineeringsshssh attackssh monitoringsurface webt1021t1021.001t1021.002t1040t1041t1046t1053t1053.005t1055t1059t1059.001t1059.004t1068t1071.001t1078t1110t1110.001t1110.002t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationsthreat actorthreat detectionthreat intelligencetor nodeunauthorized access attemptunited statesusvoipvoip attackvulnerability scan

Activity Timeline

1 total obs
Apr 5Apr 5

Threat Activity Heatmap

· Peak: 2026-04-05
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
24
SIGNAL
Signal Score
24%
Confidence
8
Reports
First seenFeb 26, 2025
Last seenApr 5, 2026
GeolocationUS
CountryUnited States
LocationSecaucus, New Jersey
ASNAS14061
OrgDigital Ocean
Coords37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
Unknown source type: honeyaml
raw
NetRange: 137.184.0.0 - 137.184.255.255 CIDR: 137.184.0.0/16 NetName: DIGITALOCEAN-137-184-0-0 NetHandle: NET-137-184-0-0-1 Parent: NET137 (NET-137-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: DigitalOcean, LLC (DO-13) RegDate: 2019-11-13 Updated: 2025-03-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/137.184.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports