IPMediumSignal 47/100
159.223.113.166
Location
United StatesNorth Bergen, New Jersey
ASN
AS14061
DigitalOcean, LLC
First Seen
May 26, 2023
Last Seen
May 3, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
47%
Signal Score
47 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionNorth Bergen, New Jersey
ASNAS14061
OrganizationDigitalOcean, LLC
Feed Intelligence Summary
10 reports47% confidence
10
Source reports
47%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney honeypotattackbad reputationbotnetbotnet activitybrute forcebrute force attackscommand and controlcommunication protocolcompromise attemptcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase enumerationdatabase securitydecoy systemdionaea honeypotdionaea payloadsdistributed attacksexploitexploitation activityfattfatt detectionsftpftp brute forcehoneytrap eventshoneytrap honeypothttp scanneridentity & access exploitationindicatorinjection activitymailoney eventsmailoney honeypotmalicious activitymalicious softwaremalicious trafficmalwaremalware behaviourmalware capturenetworknetwork intrusion attemptsnetwork scanningnetwork securitynorth americap0fp0f signaturesphishingphishing attackphishing trapprocess injectionransomwarereconnaissanceredis honeypotresearchedresource hijackingscannersensor-taggedsentrypeer botnetsentrypeer eventssftp attacksftp attemptsip scanningsmtpsocial engineeringssh attackssh monitoringsuricata alertst1021t1040t1041t1046t1055t1059t1068t1071t1071.001t1078t1110t1110.002t1133t1189t1190t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1588t1595t1595.001t1595.002t1595.003tannertanner eventstargeting databasetelecommunicationsthreat actorthreat detectionthreat intelligencetor nodetpotunited statesusvoipvoip attackweb traffic
Activity Timeline
May 3May 3
Threat Activity Heatmap
· Peak: 2026-05-03LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
47
SIGNAL
Signal Score
47%
Confidence
10
Reports
First seenMay 26, 2023
Last seenMay 3, 2026
GeolocationUS
CountryUnited States
LocationNorth Bergen, New Jersey
ASNAS14061
OrgDigitalOcean, LLC
Coords37.7510, -97.8220
VirusTotal
Not checked
WHOIS
- description
- 2025-03-05T16:56:37.000Z Honeypot : Redishoneypot : Source: 159.223.113.166 : Port: 6379 Action: NewConnect Message:
- raw
- NetRange: 159.223.0.0 - 159.223.255.255 CIDR: 159.223.0.0/16 NetName: DO-13 NetHandle: NET-159-223-0-0-1 Parent: NET159 (NET-159-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: DigitalOcean, LLC (DO-13) RegDate: 2020-11-03 Updated: 2020-11-03 Ref: https://rdap.arin.net/registry/ip/159.223.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 years ago · Last seen 1 month ago
Appeared in 10 threat reports