IOC Radar
IPMediumSignal 81/100

147.182.221.243

Location
United StatesUnited States
North Bergen, NJ
ASN
AS14061
DigitalOcean, LLC
First Seen
Jul 7, 2025
Last Seen
Mar 22, 2026
Jul 7
First Seen
354d ago
Mar 22
Last Seen
96d ago
7
Reports
source reports
81%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
81%
Signal Score
81 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

48 techniques

Network Information

CountryUSUnited States
RegionNorth Bergen, NJ
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

7 reports81% confidence
7
Source reports
81%
Confidence score
Category tags
abuseactive scanningadbhoney attacksadbhoney honeypotattackbotnetbrute forcebrute force attackbrute force attackscisco devicecommand and controlcommunication protocolcompromised system attemptconpot attacksconpot honeypotcowrie attackscowrie honeypotcredential accesscredential stuffingdata exfiltrationdatabase attackdatabase brute forcedatabase securitydecoy systemdevice managementdionaea attacksdionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringenterprise networkingftpftp brute forcehoneytrap honeypothttp brute forcehttp probinghttp scannerics securityindicatorindustrial control systemsiot/ics attacklamplamp exploitation attemptsmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware download attemptsnetworknetwork infrastructurenetwork intrusionnetwork scanningnetwork securitynetwork service scanningnorth americapassword attackpassword attacksprocess injectionprotocol exploitationreconnaissanceresearchedscannerscanner activityscripting attackssftp attacksftp attacksshell access attemptsip brute forcesip probingsocradar honeypotsql injection attemptsssh attackssh monitoringt1003t1016t1018t1021t1027t1040t1041t1046t1053t1055t1059t1059.004t1059.007t1065t1068t1070t1071t1071.001t1078t1083t1087t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1199t1203t1204.002t1210t1486t1496t1499.001t1499.002t1499.003t1565t1588t1589t1590t1592t1595t1595.001t1595.002t1595.003tannertanner attackstelecommunicationstelnet threatthreat actorthreat detectionthreat intelligenceunited statesvoipweb attackweb exploitationweb shell attemptweb traffic

Activity Timeline

1 total obs
Mar 22Mar 22

Threat Activity Heatmap

· Peak: 2026-03-22
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
81
SIGNAL
Signal Score
81%
Confidence
7
Reports
First seenJul 7, 2025
Last seenMar 22, 2026
GeolocationUS
CountryUnited States
LocationNorth Bergen, NJ
ASNAS14061
OrgDigitalOcean, LLC
Coords40.7930, -74.0247

VirusTotal

Not checked

WHOIS

description
2025-07-07T01:04:35.696Z Honeypot : Dionaea : Source: 147.182.221.243 : Port: 3306 Connection: {'type': 'accept', 'transport': 'tcp', 'protocol': 'mysqld'}
raw
NetRange: 147.182.128.0 - 147.182.255.255 CIDR: 147.182.128.0/17 NetName: DIGITALOCEAN-147-182-128-0 NetHandle: NET-147-182-128-0-1 Parent: NET147 (NET-147-0-0-0-0) NetType: Direct Allocation OriginAS: AS14061 Organization: DigitalOcean, LLC (DO-13) RegDate: 2020-01-17 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/147.182.128.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 11 months ago · Last seen 3 months ago
Appeared in 7 threat reports