IOC Radar
IPMediumSignal 74/100

64.227.168.12

Location
United StatesUnited States
Bengaluru, Karnataka
ASN
AS14061
DigitalOcean, LLC
First Seen
Aug 18, 2024
Last Seen
Feb 15, 2026
Aug 18
First Seen
677d ago
Feb 15
Last Seen
131d ago
13
Reports
source reports
74%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
74%
Signal Score
74 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

39 techniques

Network Information

CountryUSUnited States
RegionBengaluru, Karnataka
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

13 reports74% confidence
13
Source reports
74%
Confidence score
Category tags
abuseaccessactive scanningadbhoney activityadbhoney honeypotapacheapache attackerasiaattackaustraliabotnetbrute forcebrute force attackbrute force attackscommand and controlcommunication protocolconnect scancowriecowrie activitycowrie attackcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdatabase securityddosdecoy systemdenial of servicedionaeadionaea activitydionaea attackdionaea honeypotdistributed attacksemailexploit attemptsfattfin scanftpftp brute forcegithubgroupshoneytrap activityhoneytrap honeypothttp scannerinindexindiaindicatorinformation gatheringinformation technologylamplamp attacklamp stack attackmailoney activitymailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distributionnetworknetwork attacksnetwork intrusion attemptsnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynorth americanull scanoceaniaos detectionp0fpassword attacksphishingphishing attackphishing trappossible vulnerability probingpotential threat activityprocess injectionprotocol exploitationpythonreconnaissanceremote accessremote servicesresearchedresource hijackingscannerscriptscripting attackssensor-taggedsentrypeer activitysentrypeer botnetserver exploitationservice detectionsftpsftp activitysftp attacksipsip scanningslugsocial engineeringspamsql injectionsshssh attackssh monitoringsurface websyn scant1016t1021t1021.001t1040t1041t1046t1055t1059t1059.003t1059.004t1059.007t1071.001t1078t1078.001t1078.004t1083t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1505.002t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertanner attacktcp protocoltelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetpottpotceunited statesvnc protocolvoipvoip attackweb attackweb exploitationweb trafficxmas scan

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
74
SIGNAL
Signal Score
74%
Confidence
13
Reports
First seenAug 18, 2024
Last seenFeb 15, 2026
GeolocationUS
CountryUnited States
LocationBengaluru, Karnataka
ASNAS14061
OrgDigitalOcean, LLC
Coords33.7485, -84.3871

VirusTotal

Not checked

WHOIS

description
2025-02-02T23:42:43.841Z Honeypot : Tanner : Source: 64.227.168.12 : Port: 80 Post Data: {'version': '0.6.0', 'response': {'message': {'detection': {'version': '0.6.0', 'order': 1, 'name': 'index', 'type': 1}, 'sess_uuid': 'c39dde53-4388-41e2-8b4d-13cd661ad83f'}}}
raw
inetnum: 64.0.0.0 - 64.255.255.255 netname: ARIN-CIDR-BLOCK descr: Not allocated by APNIC remarks: ------------------------------------------------------ remarks: remarks: Important: remarks: remarks: Details of networks in this range are not registered remarks: in the APNIC Whois Database. remarks: remarks: Please search the ARIN Whois, which contains remarks: details of IP addresses allocated in North America, remarks: parts of the Caribbean, and sub-equatorial Africa: remarks: remarks: website: https://ws.arin.net/whois remarks: command line: whois.arin.net remarks: remarks: ------------------------------------------------------ country: AU admin-c: IANA1-AP tech-c: IANA1-AP mnt-by: MAINT-APNIC-AP mnt-lower: MAINT-APNIC-AP status: ALLOCATED PORTABLE last-modified: 2009-05-01T03:51:53Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 13 threat reports