IPMediumSignal 64/100

`143.198.169.101`

Location

United States

North Bergen, NJ

ASN

AS14061

DigitalOcean, LLC

First Seen

Jul 6, 2022

Last Seen

May 3, 2026

Jul 6

First Seen

1451d ago

May 3

Last Seen

54d ago

Reports

source reports

64%

Confidence

medium

Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

64%

Signal Score

64 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

45 techniques

Network Information

Country

United States

RegionNorth Bergen, NJ

ASNAS14061

OrganizationDigitalOcean, LLC

IP Category

⊕

VPN

VPN exit node

Feed Intelligence Summary

22 reports64% confidence

Source reports

64%

Confidence score

Category tags

abuseaccess controlaccount compromiseactive scanactive scanningapacheapache attackeraptattackattacking-ipsaustraliaautomated-attackbad reputationbad web botblocklist_allblog spambotnetbotnet activitybotnet-activitybrute forcebrute force attackbrute force attacksbrute force attemptsbrute-force attackbruteforceciscocisco devicecisco exploitation attemptscloud infrastructurecloud infrastructure attackcloud servicescommand injectioncommunication protocolcompromised credentialscompromised hostconnected devicesconpotconpot honeypotcowriecowrie honeypotcowrie interactionscowrie logscowrie ssh honeypotcowrie ssh logscredential accesscredential attackcredential harvestingcredential stuffingcredential-stuffingdata encryptiondata exfiltrationdata store exposuredatabase attackdatabase attacksdatabase securityddosddos preparationdecoy systemdenial of servicedenial-of-servicedevice managementdigital oceandionaeadionaea honeypotdnsdns attackelasticpot honeypotelasticsearch monitoringemailencryptionenterprise networkingeu cyber policieseuropeexploitexploit attemptsexploitationexploitation activityexploitation attemptsexploited hostfattfraud voipftpftp attacksftp brute forcehackinghoneytrap honeypothttp brute forcehttp scannerhttp scanninghttpsics securityidentity & access exploitationindicators of compromiseindicators-of-compromiseindustrial control systemsindustrial iotinfrastructure scanninginitial accessinjection activityinjection attacksinternet of thingsiociot analyticsiot applicationsiot platformsiot securityiot/ics attackipphoney honeypotlamplamp server attacklamp server targetinglamp stacklamp stack attacklamp stack targetinglateral movementlinux-server-attacklogin attemptmailoney honeypotmalicious activitymalicious login attemptsmalicious network activitymalicious softwaremalicious trafficmalicious-login-attemptsmalwaremalware behaviourmalware capturemalware deliverymalware delivery attemptmalware distributionnetworknetwork attacksnetwork discoverynetwork enumerationnetwork infrastructurenetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnetwork-based attack attemptsnorth americanull scanoceaniaopenctiopportunistic-attackp0fpassword attackpassword attacksphishingphishing attackphishing trapport-scanningportscanpossible mirai variantpotential botnetprocess injectionprotocol exploitationprotocol-abuseproxyrdp attacksreconnaissanceregional securityremote accessremote servicesresearchedresource hijackingscams & fraudscannerscannersscanning activityscripting attackssecurity operationssecurity policysensor-taggedsentrypeer botnetserver exploitationservice scansftpsftp access attemptsftp activitysftp attacksftp attemptsftp-attacksipsip scanningsmart devicessmtpsmtp attackssmtp brute forcesocial engineeringspamsql injectionsshssh attackssh attacksssh monitoringssh-brute-forcesynsyn scant1021t1021.001t1021.002t1021.004t1040t1041t1046t1055t1059t1059.003t1059.007t1068t1071t1071.001t1076t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1505.002t1555t1563t1565t1566.001t1566.002t1566.003t1566.004t1589t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltcp scantelecommunicationstelnet attackstelnet threattelnet-brute-forcethreat actorthreat detectionthreat intelligencethreat intelligence feedthreat preventionthreat-intelligencetor nodetpotudp port scanudp scanunauthorized accessunauthorized access attemptunauthorized loginunauthorized-access-attemptunited kingdomunited statesusvnc protocolvoipvoip attackvpnvpn ipvulnerability scanvulnerability-scanningvultrweb application attackweb attackweb attacksweb exploitationweb spamweb trafficweb-application-attackxmas scan

Activity Timeline

1 total obs

May 3May 3

Threat Activity Heatmap

· Peak: 2026-05-03

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

64%

Confidence

Reports

First seenJul 6, 2022

Last seenMay 3, 2026

GeolocationUS

CountryUnited States

LocationNorth Bergen, NJ

ASNAS14061

OrgDigitalOcean, LLC

Coords40.7930, -74.0247

VPN

VirusTotal

Not checked

WHOIS

raw: NetRange: 143.198.0.0 - 143.198.255.255 CIDR: 143.198.0.0/16 NetName: DIGITALOCEAN-143-198-0-0 NetHandle: NET-143-198-0-0-1 Parent: NET143 (NET-143-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: DigitalOcean, LLC (DO-13) RegDate: 2020-01-24 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/143.198.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
references: https://github.com/telekom-security/tpotce, https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-02-25/, https://jamesbrine.com.au, https://jamesbrine.com.au/digitaloceansingapore-portscan-bruteforce-ip-list-2026-02-25/, https://jamesbrine.com.au/vultrmelbournetest-portscan-bruteforce-ip-list-2026-02-24/

`143.198.169.101`

MITRE ATT&CK TTPs

Network Information

IP Category

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey