IOC Radar
IPMediumSignal 30/100

45.134.142.215

Location
United StatesUnited States
Miami, Florida
ASN
AS212238
Cdnext MIA
First Seen
Sep 8, 2022
Last Seen
Jun 8, 2026
Sep 8
First Seen
1387d ago
Jun 8
Last Seen
18d ago
13
Reports
source reports
30%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
30%
Signal Score
30 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

34 techniques

Network Information

CountryUSUnited States
RegionMiami, Florida
ASNAS212238
OrganizationCdnext MIA

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

13 reports30% confidence
13
Source reports
30%
Confidence score
Category tags
abuseaccessaccess controlaccount discoveryaccount profilingaccount takeoveractive scanactive scanningalienvault_ransomwareaptasiaattackauthenticationautomated attackbad reputationbad web botblock listbotnetbotnet activitybrute forcebrute force attackbrute force attemptsbrute-forcebruteforcechina mobilecisco devicecolumnscommand and controlcompany limitedcompromised systemscowrie honeypotcredential accesscredential stuffingdarkforumsdata exfiltrationdata store exposureddosdecoy systemdenial of servicedevice managementdistributed attacksencryptionenterprise networkingeuropeexploitationexploitation activityexploitation attemptsfortiosfranceftp brute forcegroupshackinghk abusehandlerhong konghttp brute forceidentity & access exploitationimapimap attackindicatorinformation technologyinitial accessinjection activityiocipv4it infrastructuremalicious activitymalicious ip activitymalicious softwaremalwaremobile threatnetworknetwork infrastructurenetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnorth americapalo alto networkspassword attackpassword attackspgp signprocess injectionproxyransomwarereconnaissanceremote accessremote servicesresearchedscannerscriptsecurity monitoringsecurity operationsservice scansftp attackslugsoftware developmentssh attackssh monitoringssl vpnsurface websyn scant1021.001t1021.002t1021.004t1041t1046t1055t1059t1071.001t1076t1078t1078.001t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1555t1555.003t1563t1565t1567t1592t1595t1595.001t1595.002t1595.003tannertcp scanthreat actorthreat intelligencethreat-intelligencetimeouttor nodetpottsecudp scanunauthorized accessunited statesusus nonevpnvpn ipweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
Jun 8Jun 8

Threat Activity Heatmap

· Peak: 2026-06-08
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
30
SIGNAL
Signal Score
30%
Confidence
13
Reports
First seenSep 8, 2022
Last seenJun 8, 2026
GeolocationUS
CountryUnited States
LocationMiami, Florida
ASNAS212238
OrgCdnext MIA
Coords25.7743, -80.1936
ProxyVPN

VirusTotal

Not checked

WHOIS

description
Score: 62/100. Labels: abuseipdb:minimal, abuseipdb:reported, cowrie, firehol:unlisted, gti:exported, gti:suspicious. 45.134.142.215 classified as attacker with unclear intent (medium confidence). Origin: enriched. Listed on: AbuseIPDB (minimal, reported).
raw
NetRange: 45.132.84.0 - 45.135.159.255 CIDR: 45.133.0.0/16, 45.132.88.0/21, 45.132.96.0/19, 45.135.128.0/19, 45.132.84.0/22, 45.135.0.0/17, 45.132.128.0/17, 45.134.0.0/16 NetName: RIPE NetHandle: NET-45-132-84-0-1 Parent: NET45 (NET-45-0-0-0-0) NetType: Early Registrations, Transferred to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2014-05-22 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/45.132.84.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: https://apps.db.ripe.net/search/query.html ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ReferralServer: whois://whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: https://apps.db.ripe.net/search/query.html OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 18 days ago
Appeared in 13 threat reports