IOC Radar
IPMediumSignal 27/100

138.197.184.45

Location
GermanyGermany
Frankfurt am Main, Rheinland-Pfalz
ASN
AS14061
DigitalOcean, LLC
First Seen
Jan 15, 2024
Last Seen
Apr 28, 2026
Jan 15
First Seen
881d ago
Apr 28
Last Seen
46d ago
13
Reports
source reports
27%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, Rheinland-Pfalz
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

13 reports27% confidence
13
Source reports
27%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney honeypotattackbad reputationbotnetbotnet activitybrute forcebrute force attackbruteforcecommand and controlcommunication protocolcowrie honeypotcowrie honeypot datacredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposurededecoy systemdionaea honeypotdistributed attackseuropeexploit public-facing applicationexploitation activitygermanyhackinghoneytrap honeypotidentity & access exploitationindicatorinitial accessinjection activityipphoney honeypotlamplamp exploit attemptslamp exploitation attemptsmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork probingnetwork scanningnetwork securitynetwork service scanningnorth americapassword attacksphishingphishing attackphishing trapprobingprocess injectionreconnaissanceresearchedresource hijackingscannersentrypeer botnetservice scansftp attacksftp exploit attemptsocial engineeringsql injectionssh attackssh monitoringt1021t1021.004t1040t1041t1046t1055t1059t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationsthreat actorthreat detectionthreat intelligencetor nodeunauthorized access attemptunited statesvoipvoip attackweb app attackweb scannerwebscanwebscanner

Activity Timeline

1 total obs
Apr 28Apr 28

Threat Activity Heatmap

· Peak: 2026-04-28
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
13
Reports
First seenJan 15, 2024
Last seenApr 28, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Rheinland-Pfalz
ASNAS14061
OrgDigitalOcean, LLC
Coords49.7833, 7.5000

VirusTotal

Not checked

WHOIS

description
2025-02-19T09:18:51.321Z Honeypot : Cowrie : Source: 138.197.184.45 Data: New connection: 138.197.184.45:34852 (172.25.0.2:23) [session: 9ec019184cce]
raw
inetnum: 138.196.0.0 - 138.197.255.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2019-01-07T10:48:25Z last-modified: 2019-01-07T10:48:25Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 13 threat reports