IOC Radar
IP · Medium · Signal 75/100

144.76.198.187

Location: Falkenstein, Saxony, Germany
ASN: AS24940 (Hetzner)
First Seen: Jul 4, 2025 (354d ago)
Last Seen: Feb 6, 2026 (137d ago)
Reports: 12 source reports
Confidence: 75% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 75%
Signal Score: 75 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

25 techniques

Network Information

Country: DE (Germany)
Region: Falkenstein, Saxony
ASN: AS24940
Organization: Hetzner

Feed Intelligence Summary

Source reports: 12
Confidence score: 75%
Category tags: abuse, active scanning, attack, botnet, brute force, brute force attack, brute force attempt, command and control, communication protocol, credential access, credential stuffing, data exfiltration, denial of service, distributed attacks, europe, finland, germany, hacking, indicator, login attack, login brute-force, malicious activity, malicious software, malware, network, network attacks, network intrusion, network service scanning, password attacks, process injection, reconnaissance, researched, scanner, ssh attack, t1021.004, t1040, t1055, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1588, t1588.004, t1595.001, t1595.002, t1595.003, tcp protocol, threat actor, web application attack, web exploitation

Activity Timeline

1 total observation (Feb 6)

Threat Activity Heatmap

Peak: 2026-02-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 75
Confidence: 75%
Reports: 12
First seen: Jul 4, 2025
Last seen: Feb 6, 2026
Geolocation: DE
Country: Germany
Location: Falkenstein, Saxony
ASN: AS24940
Org: Hetzner
Coords: 50.4754, 12.3683

VirusTotal

Not checked

WHOIS

description: SSH brute force IOCs collected mainly from hosts located in Finland
raw:

inetnum: 144.76.198.160 - 144.76.198.191
netname: HETZNER-fsn1-dc11
descr: Hetzner Online GmbH
descr: Datacenter fsn1-dc11
country: DE
admin-c: HOAC1-RIPE
tech-c: HOAC1-RIPE
status: LEGACY
remarks: INFRA-AW
mnt-by: HOS-GUN
mnt-lower: HOS-GUN
mnt-routes: HOS-GUN
created: 2018-03-15T14:12:08Z
last-modified: 2018-03-15T14:12:08Z
source: RIPE

role: Hetzner Online GmbH - Contact Role
address: Hetzner Online GmbH
address: Industriestrasse 25
address: D-91710 Gunzenhausen
address: Germany
phone: +49 9831 505-0
fax-no: +49 9831 505-3
abuse-mailbox: [email protected]
remarks: *************************************************
remarks: * For spam/abuse/security issues please contact *
remarks: * [email protected], or fill out the form at *
remarks: * abuse.hetzner.com, thank you. *
remarks: *************************************************
remarks:
remarks: *************************************************
remarks: * Any questions on Peering please send to *
remarks: * [email protected] *
remarks: *************************************************
org: ORG-HOA1-RIPE
admin-c: MH375-RIPE
tech-c: GM834-RIPE
tech-c: SK2374-RIPE
tech-c: MF1400-RIPE
tech-c: SK8441-RIPE
tech-c: DD15478-RIPE
nic-hdl: HOAC1-RIPE
mnt-by: HOS-GUN
created: 2004-08-12T09:40:20Z
last-modified: 2022-11-22T18:33:55Z
source: RIPE # Filtered

route: 144.76.0.0/16
descr: HETZNER-RZ-BLK-ERX1
origin: AS24940
org: ORG-HOA1-RIPE
mnt-by: HOS-GUN
created: 2012-12-17T14:21:35Z
last-modified: 2012-12-17T14:21:35Z
source: RIPE

organisation: ORG-HOA1-RIPE
org-name: Hetzner Online GmbH
country: DE
org-type: LIR
address: Industriestrasse 25
address: D-91710
address: Gunzenhausen
address: GERMANY
phone: +49 9831 5050
fax-no: +49 9831 5053
admin-c: MF1400-RIPE
admin-c: GM834-RIPE
admin-c: HOAC1-RIPE
admin-c: MH375-RIPE
admin-c: SK2374-RIPE
admin-c: SK8441-RIPE
abuse-c: HOAC1-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: HOS-GUN
mnt-by: RIPE-NCC-HM-MNT
mnt-by: HOS-GUN
created: 2004-04-17T11:07:58Z
last-modified: 2022-11-22T18:32:44Z
source: RIPE # Filtered

IOC Journey

medium
First detected 11 months ago · Last seen 4 months ago
Appeared in 12 threat reports