IOC Radar
IPMediumSignal 42/100

68.183.27.230

Location
United StatesUnited States
North Bergen, NJ
ASN
AS14061
DigitalOcean, LLC
First Seen
May 31, 2025
Last Seen
May 25, 2026
May 31
First Seen
376d ago
May 25
Last Seen
17d ago
18
Reports
source reports
42%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
42%
Signal Score
42 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

35 techniques

Network Information

CountryUSUnited States
RegionNorth Bergen, NJ
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

18 reports42% confidence
18
Source reports
42%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney activityadbhoney exploitsadbhoney honeypotattackbad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attemptsbrute-forcebrute_forceciscocisco devicecisco device targetingcisco exploit attemptcisco exploit attemptscisco_exploitcommand and controlcommunication protocolconpotconpot activityconpot honeypotcowriecowrie activitycowrie honeypotcowrie ssh attackscowrie_attackcredential accesscredential harvestingcredential stuffingcredential_accessdata exfiltrationdata store exposuredatabase attackddosddos attackdecoy systemdenial of servicedevice managementdionaeadionaea activitydionaea honeypotdionaea malware collectiondistributed attacksemailenterprise networkingexploit attemptexploitation activityfattftp brute forceheralding activityhoneytrap honeypotics securityidentity & access exploitationindicatorindustrial control systemsinitial_accessinjection activityiot securityiot/ics attacklamplamp exploit attemptslamp stack targetinglamp_exploitmailoney activitymailoney honeypotmalicious activitymalicious emailmalicious softwaremalwaremalware behaviourmalware capturemalware distributionnetworknetwork infrastructurenetwork intrusion attemptsnetwork scanningnetwork securitynorth americap0fpassword attacksphishingphishing attackphishing trappotential malware distributionprocess injectionransomwarereconnaissanceresearchedresource hijackingscannerscripting attackssensor-taggedsentrypeer activitysentrypeer botnetsftpsftp access attemptsftp access attemptssftp attacksftp_attacksipsip brute forcesip scanningsip_attacksmtp probingsocial engineeringsocradar honeypotspamsshssh attackssh monitoringssh_bruteforcet1021t1021.001t1021.002t1040t1041t1055t1059t1059.004t1059.007t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1583t1589t1595t1595.001t1595.002t1595.003tannertanner activitytargeting databasetelecommunicationstelnet scanningthreat actorthreat detectionthreat intelligencetor nodetpotttpsunited statesusvoipvoip attackweb app attackweb application attackweb attackweb exploitationweb spam

Activity Timeline

1 total obs
May 25May 25

Threat Activity Heatmap

· Peak: 2026-05-25
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
42
SIGNAL
Signal Score
42%
Confidence
18
Reports
First seenMay 31, 2025
Last seenMay 25, 2026
GeolocationUS
CountryUnited States
LocationNorth Bergen, NJ
ASNAS14061
OrgDigitalOcean, LLC
Coords40.7930, -74.0247

VirusTotal

Not checked

WHOIS

description
Observed on T-Pot within last 24h; sensors=fatt, h0neytr4p, p0f, suricata; threshold?1; private IPs excluded. geo=US; ports=443; proto=https,tls Location=Sydney, Australia.
raw
NetRange: 68.183.0.0 - 68.183.255.255 CIDR: 68.183.0.0/16 NetName: DIGITALOCEAN-68-183-0-0 NetHandle: NET-68-183-0-0-1 Parent: NET68 (NET-68-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: DigitalOcean, LLC (DO-13) RegDate: 2018-09-18 Updated: 2020-04-03 Comment: Routing and Peering Policy can be found at https://www.as14061.net Comment: Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse Ref: https://rdap.arin.net/registry/ip/68.183.0.0 OrgName: DigitalOcean, LLC OrgId: DO-13 Address: 105 Edgeview Drive, Suite 425 City: Broomfield StateProv: CO PostalCode: 80021 Country: US RegDate: 2012-05-14 Updated: 2025-04-11 Ref: https://rdap.arin.net/registry/entity/DO-13 OrgTechHandle: NOC32014-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-646-827-4366 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN OrgAbuseHandle: DIGIT19-ARIN OrgAbuseName: DigitalOcean Abuse OrgAbusePhone: +1-646-827-4366 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN OrgNOCHandle: NOC32014-ARIN OrgNOCName: Network Operations Center OrgNOCPhone: +1-646-827-4366 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 17 days ago
Appeared in 18 threat reports