IOC Radar
IPMediumSignal 28/100

146.190.23.133

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS14061
DigitalOcean, LLC
First Seen
Feb 8, 2025
Last Seen
Apr 9, 2026
Feb 8
First Seen
505d ago
Apr 9
Last Seen
80d ago
8
Reports
source reports
28%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
28%
Signal Score
28 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

32 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

8 reports28% confidence
8
Source reports
28%
Confidence score
Category tags
abuseaccessactive scanactive scanningadbhoney honeypotattackbad reputationbotnetbotnet activitybrute forcebrute force attemptscommand and controlcommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase securitydecoy systemdionaeadionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringemaileuropeexploitation activityftp brute forcegithubgroupshoneytrap honeypotidentity & access exploitationindicatorinitial accessinjection activityiot securitylamplamp exploitation attemptslamp stack targetingmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware hostingnetherlandsnetworknetwork intrusion attemptsnetwork scanningnetwork securitynlnorth americaphishingphishing attackphishing trapprocess injectionpythonreconnaissanceresearchedresource hijackingscannerscanning activityscriptsentrypeer botnetsftpsftp attacksipsip enumerationsip vulnerability scanningslugsocial engineeringsshssh attackssh monitoringsurface webt1021.002t1040t1041t1046t1053.005t1055t1059t1059.001t1059.004t1068t1071.001t1078t1110t1110.002t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationsthreat actorthreat detectionthreat intelligencetor nodeunited statesvoipvoip attackvulnerability scan

Activity Timeline

1 total obs
Apr 9Apr 9

Threat Activity Heatmap

· Peak: 2026-04-09
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
28
SIGNAL
Signal Score
28%
Confidence
8
Reports
First seenFeb 8, 2025
Last seenApr 9, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS14061
OrgDigitalOcean, LLC
Coords37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
2025-02-08T04:01:09.803Z Honeypot : ElasticPot : Source: 146.190.23.133 : Port: 9200 Event Type: Scan
raw
inetnum: 146.189.0.0 - 146.190.255.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2019-01-07T10:44:36Z last-modified: 2019-01-07T10:44:36Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports