IOC Radar
IPMediumSignal 24/100

157.245.85.120

Location
United StatesUnited States
North Bergen, New Jersey
ASN
AS14061
DigitalOcean, LLC
First Seen
Jun 24, 2021
Last Seen
Apr 7, 2026
Jun 24
First Seen
1816d ago
Apr 7
Last Seen
67d ago
6
Reports
source reports
24%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
24%
Signal Score
24 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryUSUnited States
RegionNorth Bergen, New Jersey
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

6 reports24% confidence
6
Source reports
24%
Confidence score
Category tags
abuseactive scanactive scanningattackbad reputationbotnetbotnet activitybrute forcecommand and controlcommunication protocolcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredecoy systemdionaea honeypotdistributed attacksexploitation activityftp scanidentity & access exploitationindicatorinjection activitymailoney honeypotmalicious activitymalicious login attemptsmalicious softwaremalwaremalware behaviourmalware capturenetworknetwork reconnaissancenetwork scanningnetwork securitynorth americaphishingphishing attackphishing trapprocess injectionreconnaissanceresearchedresource hijackingsentrypeer botnetsftp attacksip brute forcesip scansocial engineeringssh attackssh monitoringssh scant1021t1040t1041t1055t1059t1071.001t1078t1110t1110.002t1187t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat intelligencetor nodeunited statesusvoipvoip attack

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
24
SIGNAL
Signal Score
24%
Confidence
6
Reports
First seenJun 24, 2021
Last seenApr 7, 2026
GeolocationUS
CountryUnited States
LocationNorth Bergen, New Jersey
ASNAS14061
OrgDigitalOcean, LLC
Coords40.7964, -74.0203

VirusTotal

Not checked

WHOIS

description
2025-03-07T17:57:22.513Z Honeypot : Dionaea : Source: 157.245.85.120 : Port: 1723 Connection: {'protocol': 'pptpd', 'type': 'accept', 'transport': 'tcp'}
raw
NetRange: 157.245.0.0 - 157.245.255.255 CIDR: 157.245.0.0/16 NetName: DIGITALOCEAN-157-245-0-0 NetHandle: NET-157-245-0-0-1 Parent: NET157 (NET-157-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: DigitalOcean, LLC (DO-13) RegDate: 2019-05-09 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/157.245.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 2 months ago
Appeared in 6 threat reports