IPMediumSignal 48/100
143.244.47.83
Location
United StatesNew York, New York
ASN
AS212238
Cdnext NYC
First Seen
Apr 10, 2023
Last Seen
Jun 3, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionNew York, New York
ASNAS212238
OrganizationCdnext NYC
IP Category
⊕
VPN
VPN exit node
Feed Intelligence Summary
15 reports48% confidence
15
Source reports
48%
Confidence score
Category tags
abuseaccess controlaccount discoveryaccount profilingaccount takeoveractive scanactive scanningactive-attackafricaalienvault_ransomwareapacheapache attackeraptargentinaasiaattackaustraliaaustriaauthenticationauto-blockedautomated attackbad reputationbad web botbangladeshbelgiumbothammerbotnetbotnet activitybrazilbrute forcebrute force attackbrute force attackerbrute force attemptsbrute-forcebruteforcecambodiacanadachinacommand and controlcommunication protocolcompromised credentialscredential accesscredential stuffingcyberattackdaily-threat-feeddata exfiltrationdata store exposuredatabase securityddosddos attackddos attemptdecoy systemdenial of servicedenial-of-servicedistributed attacksencryptioneuropeeurope/asiaexploitexploit attemptexploitation activityexploitation attemptexploited hostfinlandfortiosfranceftp brute forcegermanyhackinghong konghttp brute forcehttp scannerhttp scanninghttpshttps scanningidentity & access exploitationimap brute forceindiainformation technologyinjection activityinjection attacksiot securityiot targetedipsec vpnipv4irelandit infrastructureitalyjamaicajapankenyakorea, republic ofkyrgyzstanlateral movementlithuaniamalaysiamalicious activitymalicious softwaremalicious trafficmalwaremexicomobile threatmorocconetherlandsnetworknetwork intrusion attemptsnetwork reconnaissancenetwork scanningnetwork securitynew zealandnorth americanorwayoceaniapassword attackpassword attackspolandpop3 brute forceprocess injectionprotocol exploitationproxyransomwarerealtime-wafreconnaissanceremote accessremote servicesresearchedromaniarussiascannersecurity operationsserbiasiemsingaporesmtp brute forcesoftware developmentsouth africasouth americaspamsql injection attemptsshssh attackssl vpnssl-enrichmentswedensyn scansyrian arab republict1021t1021.001t1040t1046t1048t1055t1057t1059t1059.003t1065t1068t1071t1071.001t1076t1078t1078.001t1078.004t1087t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1203t1204t1486t1496t1499.001t1499.002t1499.003t1539t1555t1555.003t1562t1563t1565t1566t1567t1573.002t1583t1588t1592.002t1595t1595.001t1595.002t1595.003taiwantargeting databasetcp scantelnet threatthreat actorthreat intelligencethreat-inteltor nodetpotturkeyudp scanukraineunauthorized accessunited kingdomunited statesunited states of americausvenezuela, bolivarian republic ofvpnvpn ipvulnerability scanvulnerability-exploitationwebweb app attackweb application attackweb attack activityweb exploitationweb spamweb traffic
Activity Timeline
Jun 3Jun 3
Threat Activity Heatmap
· Peak: 2026-06-03LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
48
SIGNAL
Signal Score
48%
Confidence
15
Reports
First seenApr 10, 2023
Last seenJun 3, 2026
GeolocationUS
CountryUnited States
LocationNew York, New York
ASNAS212238
OrgCdnext NYC
Coords40.7132, -74.0061
VPN
VirusTotal
Not checked
WHOIS
- description
- AbuseIPDB 100% | US | Datacamp Limited
- raw
- NetRange: 143.244.32.0 - 143.244.63.255 CIDR: 143.244.32.0/19 NetName: RIPE NetHandle: NET-143-244-32-0-1 Parent: NET143 (NET-143-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2020-07-23 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/143.244.32.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 years ago · Last seen 8 days ago
Appeared in 15 threat reports