IPMediumSignal 75/100
161.35.132.16
Location
United StatesClifton, NJ
ASN
AS14061
DigitalOcean, LLC
First Seen
Feb 25, 2025
Last Seen
Feb 15, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
75%
Signal Score
75 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionClifton, NJ
ASNAS14061
OrganizationDigitalOcean, LLC
Feed Intelligence Summary
10 reports75% confidence
10
Source reports
75%
Confidence score
Category tags
abuseaccessactive scanningadbhoney honeypotattackbotnetbrute forcebrute force attemptscommand and controlcommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdatabase securitydecoy systemdionaeadionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringemailftp brute forcegithubgroupshoneytrap honeypotindicatorinitial accesslamplamp exploitation attemptslamp stack targetingmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware hostingnetworknetwork intrusion attemptsnetwork scanningnetwork securitynorth americaphishingphishing attackphishing trapprocess injectionpythonreconnaissanceresearchedresource hijackingscannerscanning activityscriptsentrypeer botnetsftpsftp attacksipsip enumerationsip vulnerability scanningslugsocial engineeringsshssh attackssh monitoringsurface webt1021.002t1040t1041t1046t1053.005t1055t1059t1059.001t1059.004t1068t1071.001t1078t1110t1110.002t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat detectionthreat intelligenceunited statesusvoipvoip attack
Activity Timeline
Feb 15Feb 15
Threat Activity Heatmap
· Peak: 2026-02-15LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
75
SIGNAL
Signal Score
75%
Confidence
10
Reports
First seenFeb 25, 2025
Last seenFeb 15, 2026
GeolocationUS
CountryUnited States
LocationClifton, NJ
ASNAS14061
OrgDigitalOcean, LLC
Coords40.8364, -74.1403
VirusTotal
Not checked
WHOIS
- description
- 2025-02-25T02:46:07.378Z Honeypot : ElasticPot : Source: 161.35.132.16 : Port: 9200 Event Type: Scan
- raw
- NetRange: 161.35.0.0 - 161.35.255.255 CIDR: 161.35.0.0/16 NetName: DIGITALOCEAN-161-35-0-0 NetHandle: NET-161-35-0-0-1 Parent: NET161 (NET-161-0-0-0-0) NetType: Direct Allocation OriginAS: AS14061 Organization: DigitalOcean, LLC (DO-13) RegDate: 2019-07-30 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/161.35.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 4 months ago
Appeared in 10 threat reports