IOC Radar
IPMediumSignal 78/100

142.93.216.80

Location
IndiaIndia
Bengaluru, KA
ASN
AS14061
DigitalOcean, LLC
First Seen
May 13, 2025
Last Seen
Apr 19, 2026
May 13
First Seen
403d ago
Apr 19
Last Seen
63d ago
8
Reports
source reports
78%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
78%
Signal Score
78 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryINIndia
RegionBengaluru, KA
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

8 reports78% confidence
8
Source reports
78%
Confidence score
Category tags
abuseactive scanactive scanningasiabad reputationbrute forcebrute force attackbrute force attackercloud computingcloud infrastructurecloud migrationcloud securitycloud storagecredential accesscredential stuffingdata store exposureddosdenial of serviceexploitation activityidentity & access exploitationindiaindicatormalwaremulti-cloud managementnetworkpassword attacksportscanreconnaissanceresearchedscannerscannersservice scant1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003tor nodevultrweb application attackweb exploitation

Activity Timeline

1 total obs
Apr 19Apr 19

Threat Activity Heatmap

· Peak: 2026-04-19
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address `142.93.216.80`, represents a significant and active threat that demands immediate attention. With a high threat score of 78.06, this IP address has been extensively identified across multiple threat intelligence feeds as a source of various malicious activities. Its association with tactics such as brute-forcing, password spraying, credential stuffing, and active exploitation attempts indicates a persistent and aggressive threat actor actively…

Threat ScoreHigh Risk
78
SIGNAL
Signal Score
78%
Confidence
8
Reports
First seenMay 13, 2025
Last seenApr 19, 2026
GeolocationIN
CountryIndia
LocationBengaluru, KA
ASNAS14061
OrgDigitalOcean, LLC
Coords12.9634, 77.5855

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Paris (France) honeypot
raw
inetnum: 142.0.0.0 - 142.255.255.255 netname: ERX-NETBLOCK descr: Early registration addresses remarks: ------------------------------------------------------ remarks: Important: remarks: remarks: Networks in this range were allocated by InterNIC remarks: prior to the formation of Regional Internet remarks: Registries (RIRs): AfriNIC, APNIC, ARIN, LACNIC and RIPE NCC. remarks: remarks: Address ranges from this historical space have now remarks: been transferred to the appropriate RIR database.remarks: remarks: If your search has returned this record, it means the remarks: address range is not administered by APNIC. remarks: remarks: Instead, please search one of the following databases: remarks: remarks: - AfriNIC (Africa) remarks: website: http://www.afrinic.net/ remarks: command line: whois.afrinic.net remarks: remarks: - ARIN (Northern America) remarks: website: http://www.arin.net/ remarks: command line: whois.arin.net remarks: remarks: - LACNIC (Latin America and the Carribean) remarks: website: http://www.lacnic.net/ remarks: command line: whois.lacnic.net remarks: remarks: - RIPE NCC (Europe) remarks: website: http://www.ripe.net/ remarks: command line: whois.ripe.net remarks: remarks: For information on the Early Registration Transfer remarks: (ERX) project, see: remarks: remarks: http://www.apnic.net/db/erx remarks: remarks: ------------------------------------------------------ country: AU admin-c: IANA1-AP tech-c: IANA1-AP mnt-by: APNIC-HM mnt-lower: APNIC-HM status: ALLOCATED PORTABLE last-modified: 2008-09-04T06:51:29Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references
https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports