IOC Radar
IP · Medium · Signal 100/100

178.128.153.137

Location
United States
North Bergen, New Jersey
ASN
AS14061
Digitalocean
First Seen
Oct 16, 2024 (614d ago)
Last Seen
Mar 21, 2026 (93d ago)
17
Reports
source reports
99%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

62 techniques

Network Information

Country: US (United States)
Region: North Bergen, New Jersey
ASN: AS14061
Organization: Digitalocean

IP Category

Proxy
Proxy server

Feed Intelligence Summary

17 reports · 99% confidence
Category tags
abuse, access control, account access, active scanning, asn, attack, authentication attack, authentication attacks, botnet, brute force, brute force attack, brute force attacks, brute force attempt, brute force attempts, brute-forc, cisco attack, cisco device, cisco device attack, cisco device targeting, cisco exploitation attempts, citrix attack attempt, citrix brute force, citrix exploitation attempt, citrix exploitation attempts, citrix security, command and control, communication protocol, cowrie activity, cowrie honeypot, cowrie interactions, credential access, credential harvesting, credential stuffing, data exfiltration, decoy system, denial of service, device management, dionaea activity, dionaea honeypot, dionaea interactions, distributed attacks, enterprise networking, enterprise security, exploitation, exploitation of privilege, external remote services, failed login attempts, ftp brute force, geoip, hacking, honeytrap honeypot, http brute force, icmp, info, information gathering, information technology, initial access, it infrastructure, lamp, lamp attack, lamp attack attempt, lamp exploitation, lamp exploitation attempts, lamp stack attack, lamp stack targeting, lateral movement, login attack, login bruteforce, login security, malicious activity, malicious payload, malicious software, malicious ssh login, malware, malware attempt, malware behaviour, malware capture, malware delivery, network, network attacks, network discovery, network enumeration, network infrastructure, network intrusion, network intrusion attempts, network probing, network protocol, network reconnaissance, network scan, network scanning, network security, network service scanning, north america, notice, open ports, os credentials dumping, password attack, password attacks, phishing attack, potential botnet activity, potential intrusion attempt, process injection, protocol exploitation, proxy, reconnaissance, reconnaissance activity, remote access, remote access attack, remote service exploitation, remote services, researched, scanner, scanning activity, security policy, service enumeration, sftp access attempts, sftp attack, smtp brute force, social engineering, software development, ssh attack, ssh monitoring, syn, syn scan, t1016, t1016.001, t1018, t1021, t1021.001, t1021.002, t1021.004, t1021.005, t1040, t1041, t1046, t1047, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1076, t1078, t1078.001, t1078.002, t1078.003, t1078.004, t1083, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1189, t1190, t1199, t1203, t1204, t1204.002, t1210, t1213, t1486, t1496, t1499.001, t1499.002, t1499.003, t1550, t1555, t1563, t1565, t1566.001, t1566.002, t1566.003, t1588, t1588.002, t1588.004, t1589, t1589.002, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, tcp protocol, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, traffic anomaly detection, udp port scan, unauthorized access attempt, unauthorized access attempts, unauthorized login attempt, united kingdom, united states, utc+1:00, valid accounts, web application attacks

Activity Timeline

1 total obs
Mar 21

Threat Activity Heatmap

Peak: 2026-03-21
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
100
SIGNAL
Signal Score
99%
Confidence
17
Reports
First seen: Oct 16, 2024
Last seen: Mar 21, 2026
Geolocation: US
Country: United States
Location: North Bergen, New Jersey
ASN: AS14061
Org: Digitalocean
Coords: 40.7964, -74.0203
Proxy

VirusTotal

Not checked

WHOIS

description
2024-11-18T01:45:07.706Z Honeypot : Cowrie : Source: 178.128.153.137 Data: Connection lost after 1 seconds

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 17 threat reports