IPMediumSignal 45/100
139.59.147.3
Location
GermanyFrankfurt am Main, HE
ASN
AS14061
DigitalOcean, LLC
First Seen
Sep 19, 2025
Last Seen
May 19, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
45%
Signal Score
45 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionFrankfurt am Main, HE
ASNAS14061
OrganizationDigitalOcean, LLC
Feed Intelligence Summary
10 reports45% confidence
10
Source reports
45%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney honeypotattackaustraliabad reputationbad web botbotnetbotnet activitybrute forcebrute force attackciscocisco brute forcecisco devicecommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosdedecoy systemdenial of servicedevice managementdionaeadionaea honeypotemailenterprise networkingeuropeexploitexploitation activityexploited hostfattftpftp brute forcegermanyhackinghoneytrap honeypothttp scanneridentity & access exploitationindicatorinjection activitylampmailoney honeypotmalicious activitymalicious payloadmalicious softwaremalwaremalware behaviourmalware capturenetworknetwork infrastructurenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisoceaniap0fpassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationransomwarereconnaissanceremote servicesresearchedresource hijackingsansscannerscanning activityscripting attacksself-signedsensor-taggedsentrypeer botnetservice scansftpsftp attacksipsip brute forcesip scanningsmtpsmtp probingsocial engineeringsshssh attackssh monitoringt1021t1040t1041t1046t1055t1059t1059.007t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotvoipvoip attackvulnerability scanweb application attackweb attackweb exploitationweb traffic
Activity Timeline
May 19May 19
Threat Activity Heatmap
· Peak: 2026-05-19LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
45
SIGNAL
Signal Score
45%
Confidence
10
Reports
First seenSep 19, 2025
Last seenMay 19, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, HE
ASNAS14061
OrgDigitalOcean, LLC
Coords50.1188, 8.6843
VirusTotal
Not checked
WHOIS
- raw
- NetRange: 139.59.0.0 - 139.59.255.255 CIDR: 139.59.0.0/16 NetName: APNIC-ERX-139-59-0-0 NetHandle: NET-139-59-0-0-1 Parent: NET139 (NET-139-0-0-0-0) NetType: Early Registrations, Transferred to APNIC OriginAS: Organization: Asia Pacific Network Information Centre (APNIC) RegDate: 2004-03-03 Updated: 2009-10-08 Comment: This IP address range is not registered in the ARIN database. Comment: This range was transferred to the APNIC Whois Database as Comment: part of the ERX (Early Registration Transfer) project. Comment: For details, refer to the APNIC Whois Database via Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl Comment: Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry Comment: for the Asia Pacific region. APNIC does not operate networks Comment: using this IP address range and is not able to investigate Comment: spam or abuse reports relating to these addresses. For more Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming Ref: https://rdap.arin.net/registry/ip/139.59.0.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.apnic.net OrgName: Asia Pacific Network Information Centre OrgId: APNIC Address: PO Box 3646 City: South Brisbane StateProv: QLD PostalCode: 4101 Country: AU RegDate: Updated: 2012-01-24 Ref: https://rdap.arin.net/registry/entity/APNIC ReferralServer: whois://whois.apnic.net ResourceLink: http://wq.apnic.net/whois-search/static/search.html OrgAbuseHandle: AWC12-ARIN OrgAbuseName: APNIC Whois Contact OrgAbusePhone: +61 7 3858 3188 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN OrgTechHandle: AWC12-ARIN OrgTechName: APNIC Whois Contact OrgTechPhone: +61 7 3858 3188 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN inetnum: 139.59.128.0 - 139.59.159.255 netname: DIGITALOCEAN-AP descr: DigitalOcean, LLC country: DE admin-c: DOIA2-AP tech-c: DOIA2-AP abuse-c: AD699-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-DIGITALOCEAN-AP mnt-irt: IRT-DIGITALOCEAN-AP last-modified: 2020-05-31T21:37:28Z source: APNIC irt: IRT-DIGITALOCEAN-AP address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: DOIA2-AP tech-c: DOIA2-AP auth: # Filtered remarks: [email protected] is invalid remarks: [email protected] is invalid mnt-by: MAINT-DIGITALOCEAN-AP last-modified: 2026-03-04T13:09:28Z source: APNIC role: ABUSE DIGITALOCEANAP country: ZZ address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021 phone: +000000000 e-mail: [email protected] admin-c: DOIA2-AP tech-c: DOIA2-AP nic-hdl: AD699-AP remarks: Generated from irt object IRT-DIGITALOCEAN-AP remarks: [email protected] is invalid remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2026-03-04T13:11:16Z source: APNIC role: Digital Ocean Inc administrator address: 105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021 country: US phone: +1 646-827-4366 fax-no: +1 646-827-4366 e-mail: [email protected] admin-c: DOIA2-AP tech-c: DOIA2-AP nic-hdl: DOIA2-AP mnt-by: MAINT-DIGITALOCEAN-AP last-modified: 2025-04-11T18:24:27Z source: APNIC
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 8 months ago · Last seen 27 days ago
Appeared in 10 threat reports