IOC Radar
IPMediumSignal 44/100

206.189.233.140

Location
United StatesUnited States
North Bergen, NJ
ASN
AS14061
DigitalOcean, LLC
First Seen
Apr 6, 2021
Last Seen
Apr 3, 2026
Apr 6
First Seen
1905d ago
Apr 3
Last Seen
82d ago
11
Reports
source reports
44%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

33 techniques

Network Information

CountryUSUnited States
RegionNorth Bergen, NJ
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

11 reports44% confidence
11
Source reports
44%
Confidence score
Category tags
accessactive scanactive scanningadbhoney honeypotattackbeaconbotnetbotnet activitybrute forcebrute force attemptsbrute ratelcobalt strikecommand & controlcommand and controlcommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase securitydecoy systemdionaeadionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringemailexploitation activityftp brute forcegithubgroupshoneytrap honeypotidentity & access exploitationindicatorinitial accessinjection activityiot securitylamplamp exploitation attemptslamp stack targetingmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware hostingmythicnetworknetwork intrusion attemptsnetwork scanningnetwork securitynorth americaphishingphishing attackphishing trapprocess injectionpythonransomwarereconnaissanceresearchedresource hijackingscanning activityscriptsentrypeer botnetsftpsftp attacksipsip enumerationsip vulnerability scanningslugsocial engineeringsshssh attackssh monitoringsurface webt1021.002t1040t1041t1046t1053.005t1055t1059t1059.001t1059.004t1068t1071.001t1078t1110t1110.002t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566.001t1566.002t1566.003t1566.004t1569.002t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationsthreat actorthreat detectionthreat intelligencetor nodeunited statesvoipvoip attackvulnerability scan

Activity Timeline

1 total obs
Apr 3Apr 3

Threat Activity Heatmap

· Peak: 2026-04-03
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
11
Reports
First seenApr 6, 2021
Last seenApr 3, 2026
GeolocationUS
CountryUnited States
LocationNorth Bergen, NJ
ASNAS14061
OrgDigitalOcean, LLC
Coords40.7930, -74.0247

VirusTotal

Not checked

WHOIS

description
2025-02-13T10:35:01.334Z Honeypot : ElasticPot : Source: 206.189.233.140 : Port: 9200 Event Type: Scan
raw
NetRange: 206.189.0.0 - 206.189.255.255 CIDR: 206.189.0.0/16 NetName: DIGITALOCEAN-206-189-0-0 NetHandle: NET-206-189-0-0-1 Parent: NET206 (NET-206-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: DigitalOcean, LLC (DO-13) RegDate: 1995-11-15 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/206.189.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
references
https://github.com/telekom-security/tpotce, https://raw.githubusercontent.com/conexioninversa/MalwareIntel/main/C2_All.csv

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 2 months ago
Appeared in 11 threat reports