IOC Radar
IPMediumSignal 22/100

45.134.142.195

Location
United StatesUnited States
Miami, IDF
ASN
AS212238
Cdnext MIA
First Seen
Aug 6, 2022
Last Seen
May 31, 2026
Aug 6
First Seen
1406d ago
May 31
Last Seen
13d ago
7
Reports
source reports
22%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
22%
Signal Score
22 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

27 techniques

Network Information

CountryUSUnited States
RegionMiami, IDF
ASNAS212238
OrganizationCdnext MIA

IP Category

VPN
VPN exit node

Feed Intelligence Summary

7 reports22% confidence
7
Source reports
22%
Confidence score
Category tags
abuseaccessaccess controlaccount discoveryaccount profilingaccount takeoveractive scanactive scanningattackauthenticationautomated attackbad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attemptsbrute-forcebruteforcecommand and controlcommunication protocolcowriecowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attackdecoy systemdefensedenial of servicedionaeadistributed attacksencryptioneuropeexploitation activityfattfinance and insurancefortiosfrancefraudgroupshackingidentity & access exploitationinformation technologyinjection activityipqsipv4it infrastructuremalicious activitymalicious softwaremalwaremediamobile threatmonthlynetworknetwork securitynorth americap0fpassword attackpassword attacksprocess injectionproxyrdpreconnaissanceremote accessremote servicesresearchedresource hijackingretail tradescams & fraudscannerscriptsecurity operationssensor-taggedsentrypeer botnetsftp attackslugsoftware developmentsshssh attackssh monitoringssl vpnsurface webt1021.001t1040t1041t1055t1071.001t1078t1078.001t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1555t1555.003t1565t1567t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat intelligencetor nodetpotunauthorized accessunited statesusvoipvoip attackvpnvpn ipweb app attackweb application attackweb attackweb exploitation

Activity Timeline

1 total obs
May 31May 31

Threat Activity Heatmap

· Peak: 2026-05-31
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
22
SIGNAL
Signal Score
22%
Confidence
7
Reports
First seenAug 6, 2022
Last seenMay 31, 2026
GeolocationUS
CountryUnited States
LocationMiami, IDF
ASNAS212238
OrgCdnext MIA
Coords48.8607, 2.3281
VPN

VirusTotal

Not checked

WHOIS

description
Seen in CiscoASA honeypot logs within the configured window. request: GET /+CSCOE+/logon.html HTTP/1.1" 302 - geo: US; ASN 212238 (Datacamp Limited)
raw
NetRange: 45.132.84.0 - 45.135.159.255 CIDR: 45.133.0.0/16, 45.132.88.0/21, 45.134.0.0/16, 45.135.128.0/19, 45.132.96.0/19, 45.132.128.0/17, 45.135.0.0/17, 45.132.84.0/22 NetName: RIPE NetHandle: NET-45-132-84-0-1 Parent: NET45 (NET-45-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2014-05-22 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/45.132.84.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 13 days ago
Appeared in 7 threat reports