IP · Medium · Signal 47/100
142.93.230.252
Location
Amsterdam, North Holland
ASN
AS14061
DigitalOcean, LLC
First Seen
Feb 7, 2023
Last Seen
Jun 7, 2026
Reports
22 source reports
Confidence
47% (medium)
VirusTotal
8/91 detections
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
47%
Signal Score
47 / 100
IDS Rule
No
Network Information
Country
Netherlands
Region
Amsterdam, North Holland
ASN
AS14061
Organization
DigitalOcean, LLC
IP Category
Proxy: Proxy server
VPN: VPN exit node
Feed Intelligence Summary
Source reports
22
Confidence score
47%
Category tags
Activity Timeline
Jun 7
Threat Activity Heatmap
Peak: 2026-06-07
Activity by window
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal: 47
Confidence: 47%
Reports: 22
First seen: Feb 7, 2023
Last seen: Jun 7, 2026
Geolocation: NL
Country: Netherlands
Location: Amsterdam, North Holland
ASN: AS14061
Org: DigitalOcean, LLC
Coords: 52.3563, 4.9571
Proxy, VPN
WHOIS
Raw record:
inetnum: 142.91.160.0 - 142.132.127.255
netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
descr: IPv4 address block not managed by the RIPE NCC
remarks: ------------------------------------------------------
remarks:
remarks: For registration information,
remarks: you can consult the following sources:
remarks:
remarks: IANA
remarks: http://www.iana.org/assignments/ipv4-address-space
remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
remarks:
remarks: AFRINIC (Africa)
remarks: http://www.afrinic.net/ whois.afrinic.net
remarks:
remarks: APNIC (Asia Pacific)
remarks: http://www.apnic.net/ whois.apnic.net
remarks:
remarks: ARIN (Northern America)
remarks: http://www.arin.net/ whois.arin.net
remarks:
remarks: LACNIC (Latin America and the Carribean)
remarks: http://www.lacnic.net/ whois.lacnic.net
remarks:
remarks: ------------------------------------------------------
country: EU # Country is really world wide
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
status: ALLOCATED UNSPECIFIED
mnt-by: RIPE-NCC-HM-MNT
created: 2021-04-15T11:42:35Z
last-modified: 2021-04-15T11:42:35Z
source: RIPE

role: Internet Assigned Numbers Authority
address: see http://www.iana.org.
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
nic-hdl: IANA1-RIPE
remarks: For more information on IANA services
remarks: go to IANA web site at http://www.iana.org.
mnt-by: RIPE-NCC-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2001-09-22T09:31:27Z
source: RIPE # Filtered
IOC Journey
Medium · First detected 3 years ago · Last seen 6 days ago
Appeared in 22 threat reports