IOC Radar
IPHighVerifiedSignal 43/100

143.198.106.164

Location
United StatesUnited States
Santa Clara, CA
ASN
AS14061
DigitalOcean, LLC
First Seen
Mar 14, 2025
Last Seen
Apr 24, 2025
Mar 14
First Seen
453d ago
Apr 24
Last Seen
412d ago
4
Reports
source reports
43%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
43%
Signal Score
43 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Network Information

CountryUSUnited States
RegionSanta Clara, CA
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

4 reports43% confidence
4
Source reports
43%
Confidence score
Category tags
access controlactive scanningblacklist activityblacklist hitblacklist ip checkbotnetbotnet activitybrute forcebrute force attackcommand and controlcommand executioncredential accesscredential stuffingdata encryptiondata exfiltrationdatabase attacksdatabase brute forcedatabase securitydecoy systemdhcpdhcp abusedhcp attackdhcp discoverydhcp exploitationdhcp explorationdhcp scandhcp scanningdistributed attackselasticsearchelasticsearch attackelasticsearch brute forceelasticsearch enumerationelasticsearch exposureelasticsearch probingelasticsearch scanelasticsearch scanningftpftp brute forceftp brute-forcegeneric port scanningimapimap attackimap brute forceimap bruteforceimap scanningindicatorinformation gatheringinitial accesslateral movementldapldap attackldap brute forceldap probingldap scanldap scanningmalicious softwaremalwarememcache exploitationmemcache scanmemcache scanningmemcached attackmemcached enumerationmemcached exposurememcached probingmemcached scanningmssqlmssql attackmssql brute forcemssql scannetworknetwork monitoringnetwork protocolnetwork scanningnetwork securityntpntp amplificationntp amplification attemptntp exploitationntp scanntp scanningoracleoracle attackoracle brute forceoracle probingoracle scanpassword attackspossible malicious activitypostgres brute forcepostgresql attackpostgresql brute forcepotential botnet activityprocess injectionprotocol exploitationqhoneypot activityqhoneypot interactionsreconnaissanceredis brute forceredis probingredis scanremote accessremote servicesresearchedscanscannersecurity policyserver exploitationservice enumerationsmb brute forcesmb enumerationsmb scansmb scanningsnmp enumerationsnmp exploitationsnmp scansocks5socks5 proxy activitysocks5 proxy attemptsocks5 proxy detectionsocks5 proxy usagesocks5 scansocks5 scanningsql injectionssh attackssh bruteforcet1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1021.006t1021.007t1021.008t1040t1046t1055t1059t1059.001t1059.003t1059.005t1068t1071t1071.001t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1486t1496t1499.002t1499.003t1505.004t1565t1588t1595t1595.001t1595.002t1595.003telnet bruteforcetelnet threatthreat intelligencethreat preventionunited statesunited states of americausvnc bruteforcevnc protocolvnc scanning

Activity Timeline

1 total obs
Apr 24Apr 24

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
43
SIGNAL
Signal Score
43%
Confidence
4
Reports
First seenMar 14, 2025
Last seenApr 24, 2025
Verified IOC
GeolocationUS
CountryUnited States
LocationSanta Clara, CA
ASNAS14061
OrgDigitalOcean, LLC
Coords37.3931, -121.9620

VirusTotal

Not checked

WHOIS

raw
NetRange: 143.198.0.0 - 143.198.255.255 CIDR: 143.198.0.0/16 NetName: DIGITALOCEAN-143-198-0-0 NetHandle: NET-143-198-0-0-1 Parent: NET143 (NET-143-0-0-0-0) NetType: Direct Allocation OriginAS: AS14061 Organization: DigitalOcean, LLC (DO-13) RegDate: 2020-01-24 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/143.198.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 1 year ago
Appeared in 4 threat reports