IOC Radar
IPMediumSignal 100/100

45.200.149.53

Location
United StatesUnited States
Princeton, New Jersey
ASN
AS11404
Wave Broadband
First Seen
Sep 18, 2024
Last Seen
Aug 5, 2025
Sep 18
First Seen
646d ago
Aug 5
Last Seen
325d ago
15
Reports
source reports
99%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

52 techniques

Network Information

CountryUSUnited States
RegionPrinceton, New Jersey
ASNAS11404
OrganizationWave Broadband

Feed Intelligence Summary

15 reports99% confidence
15
Source reports
99%
Confidence score
Category tags
abuseaccessaccess controlactive scanningadbhoney honeypotattackbotnetbrute forcebrute force attackbrute force attemptsc2ciscocisco devicecitrix exploitation attemptscitrix securityclosed portcommand and controlcommunication protocolconnectcowriecowrie activitycowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdatabase exploitationdatabase securitydedecoy systemdevice managementdictionary attackdionaeadionaea activitydionaea honeypotdistributed attacksemailenterprise networkingenterprise securityesexploitexploit attemptsexternal network scanexternal reconnaissancefiltered portftp brute forcegermanygithubgroupsheralding activityhoneytrap honeypotindicatorinformation gatheringinfrastructure acquisitionreconnaissanceiocslamplamp attacklamp exploitation attemptsmailoney activitymailoney honeypotmalicious activitymalicious softwaremalicious_activitymalwaremalware behaviourmalware capturemalware propagationmanualnetherlandsnetworknetwork attacksnetwork discoverynetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynlopen portpassword attackpassword attacksphishingphishing attackphishing trappossible vulnerability assessmentpotential vulnerability scanpotential vulnerability scanningprocess injectionpythonreconnaissanceredis honeypotresearchedresource hijackingscannerscanning activityscriptscripting attackssecurity policysentrypeer activitysentrypeer botnetservice discoverysftpsftp access attemptsftp attacksftp attemptsipsip scanningslugsmtp brute forcesocial engineeringsshssh attackssh monitoringstealthsurface webt1016t1018t1021t1021.001t1021.002t1021.004t1021.006t1040t1041t1046t1047t1053t1055t1059t1059.004t1059.007t1068t1071.001t1078t1078.002t1078.004t1083t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1203t1204.002t1210t1486t1496t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1583t1587.001t1589t1590.001t1595t1595.001t1595.002t1595.003tannertanner activitytcptcp protocoltelecommunicationsthreat actorthreat detectionthreat intelligencethreat preventionunauthorized accessunauthorized access attemptunited statesunknown portvoipvoip attackweb application scanningweb attackweb exploitation

Activity Timeline

1 total obs
Aug 5Aug 5

Threat Activity Heatmap

· Peak: 2025-08-05
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
15
Reports
First seenSep 18, 2024
Last seenAug 5, 2025
GeolocationUS
CountryUnited States
LocationPrinceton, New Jersey
ASNAS11404
OrgWave Broadband
Coords40.3530, -74.6542

VirusTotal

Not checked

WHOIS

description
2024-12-30T12:25:41.237Z Honeypot : Dionaea : Source: 45.200.149.53 : Port: 27017 Connection: {'type': 'accept', 'protocol': 'mongod', 'transport': 'tcp'}

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 10 months ago
Appeared in 15 threat reports