IOC Radar
IP · Medium · Signal 56/100

97.107.131.17

Location
United States
Cedar Knolls, New Jersey
ASN
AS63949
Linode
First Seen
Feb 18, 2025
Last Seen
Jun 6, 2026
Found in 24 source reports. Confidence: 56% (medium). Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

36 techniques

Network Information

Country: US (United States)
Region: Cedar Knolls, New Jersey
ASN: AS63949
Organization: Linode

IP Category

Proxy
Proxy server

Feed Intelligence Summary

24 source reports · 56% confidence score
Category tags
abuse, account compromise, active scan, active scanning, apache, apache attacker, api key, asia, attack, attack surface discovery, australia, back orifice, bad reputation, bad web bot, blocklist_all, blog spam, botnet, botnet activity, brute force, brute force attack, brute force attacker, brute-force, bruteforce, cctv dvr, cisco device, cisco exploitation attempts, cloud infrastructure, cloud infrastructure attack, cloud services, communication protocol, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database security, ddos, ddos attack, decoy system, default company, denial of service, device management, digital ocean, dionaea, dionaea honeypot, enterprise networking, exploit, exploit attempt, exploitation, exploitation activity, exploited host, external threat, fatt, first, fortios, fraud voip, ftp brute force, ftp brute-force, gpon, graph summary, hacking, hardcoded password, honeytrap data, honeytrap honeypot, http brute force, identity & access exploitation, imap, imap attack, indicator, indicators of compromise, injection activity, injection attacks, input validation bypass, intrusion detection, ipv4 addresses, join, lamp, lamp stack targeting, lamp vulnerability scan, lateral movement, mailoney honeypot, malaysia, malicious activity, malware, malware behaviour, malware capture, malware propagation, mobile threat, mozi, netgear, network, network infrastructure, network intrusion attempts, network probing, network scanning, network security, network service scanning, nodejs, north america, oceania, opencti, p0f, password attacks, path traversal, phishing, phishing attack, phishing trap, ping of death, proxy, proxy authentication bypass, ransomware, reconnaissance, remote access, remote command injection, remote services, research, researched, resource hijacking, scams & fraud, scanner, scanners, scanning activity, sensor-tagged, sentrypeer botnet, sentrypeer detection, service scan, sftp attack, sftp exploitation attempt, sip brute force, sip scanning, smtp, smtp attacker, social engineering, spam, sql injection, ssh, ssh attack, ssh monitoring, ssh-brute, systembc, t1021, t1021.001, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.004, t1071, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1189, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1563, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp scan, telecommunications, threat actor, threat detection, threat intelligence, tor node, tpot, udp scan, unauthorized activity, united states, united states of america, us, value a, voip, voip attack, vulnerability scan, vulnerability-exploitation, web app attack, web application attack, web application exploitation, web exploitation, web spam, whois lookups, zivif

Activity Timeline

1 total obs (Jun 6)

Threat Activity Heatmap

Peak: 2026-06-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 56 (Medium Risk)
Coords: 40.8218, -74.4500

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw
Akamai Technologies, Inc. LINODE-US (NET-97-107-128-0-1) 97.107.128.0 - 97.107.143.255
Linode LINODE (NET-97-107-128-0-2) 97.107.128.0 - 97.107.143.255


IOC Journey

medium
First detected 1 year ago · Last seen 8 days ago
Appeared in 24 threat reports