IOC Radar
IPMediumSignal 35/100

142.93.217.80

Location
IndiaIndia
Bengaluru, Karnataka
ASN
AS14061
DigitalOcean, LLC
First Seen
Dec 28, 2024
Last Seen
Apr 20, 2026
Dec 28
First Seen
533d ago
Apr 20
Last Seen
54d ago
14
Reports
source reports
35%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
35%
Signal Score
35 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

34 techniques

Network Information

CountryINIndia
RegionBengaluru, Karnataka
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

14 reports35% confidence
14
Source reports
35%
Confidence score
Category tags
abuseactive scanactive scanningasiaattackaustraliaauthenticationauthentication attackauto-generated securitybad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attemptcommand and controlcowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdata store exposureddosdecoy systemdenial of servicedistributed attacksexploitation activityhackingidentity & access exploitationinindiaindicatorinfrastructure acquisitionreconnaissanceinjection activitymalicious activitymalicious softwaremalwaremanualnetworknetwork intrusionnetwork securityoceaniapassword attackpassword attacksphishingphishing attackprocess injectionreconnaissanceremote accessremote servicesresearchedscannersecurity operationssftp attacksocial engineeringssh attackssh monitoringt1021.004t1041t1055t1071.001t1078t1078.002t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1499.001t1499.002t1499.003t1555t1555.003t1565t1566.001t1566.002t1566.003t1587.001t1588.004t1589t1589.002t1590.001t1595t1595.001t1595.002t1595.003threat actorthreat intelligencetor nodeweb application attackweb exploitation

Activity Timeline

1 total obs
Apr 20Apr 20

Threat Activity Heatmap

· Peak: 2026-04-20
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
35
SIGNAL
Signal Score
35%
Confidence
14
Reports
First seenDec 28, 2024
Last seenApr 20, 2026
GeolocationIN
CountryIndia
LocationBengaluru, Karnataka
ASNAS14061
OrgDigitalOcean, LLC
Coords12.9634, 77.5855

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 142.0.0.0 - 142.255.255.255 netname: ERX-NETBLOCK descr: Early registration addresses remarks: ------------------------------------------------------ remarks: Important: remarks: remarks: Networks in this range were allocated by InterNIC remarks: prior to the formation of Regional Internet remarks: Registries (RIRs): AfriNIC, APNIC, ARIN, LACNIC and RIPE NCC. remarks: remarks: Address ranges from this historical space have now remarks: been transferred to the appropriate RIR database.remarks: remarks: If your search has returned this record, it means the remarks: address range is not administered by APNIC. remarks: remarks: Instead, please search one of the following databases: remarks: remarks: - AfriNIC (Africa) remarks: website: http://www.afrinic.net/ remarks: command line: whois.afrinic.net remarks: remarks: - ARIN (Northern America) remarks: website: http://www.arin.net/ remarks: command line: whois.arin.net remarks: remarks: - LACNIC (Latin America and the Carribean) remarks: website: http://www.lacnic.net/ remarks: command line: whois.lacnic.net remarks: remarks: - RIPE NCC (Europe) remarks: website: http://www.ripe.net/ remarks: command line: whois.ripe.net remarks: remarks: For information on the Early Registration Transfer remarks: (ERX) project, see: remarks: remarks: http://www.apnic.net/db/erx remarks: remarks: ------------------------------------------------------ country: AU admin-c: IANA1-AP tech-c: IANA1-AP mnt-by: APNIC-HM mnt-lower: APNIC-HM status: ALLOCATED PORTABLE last-modified: 2008-09-04T06:51:29Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 14 threat reports