IPMediumSignal 55/100
164.92.233.170
Location
GermanyFrankfurt am Main, Hesse
ASN
AS14061
DigitalOcean, LLC
First Seen
Aug 31, 2025
Last Seen
Jun 2, 2026
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionFrankfurt am Main, Hesse
ASNAS14061
OrganizationDigitalOcean, LLC
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
21 reports55% confidence
21
Source reports
55%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney honeypotapacheapache attackeraptattackattacker ipsaustraliaauthentication attemptauthentication attemptsbad reputationbad web botblog spambotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute-forcebruteforceciscocisco asa targetedcisco devicecisco exploitationcommand and controlcommunication protocolconpotconpot honeypotcowriecowrie datacowrie honeypotcredential accesscredential harvestingcredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdedecoy systemdenial of servicedevice managementdionaeadionaea honeypotelasticpot honeypotelasticsearch monitoringemailencryptionenterprise networkingeuropeexploitexploit attemptsexploitation activityexploitation attemptsexploitation of privilegeexploited hostexternal threatfattftpftp brute forcegermanyhackinghoneytrap honeypothttp brute forcehttp scannerhttp scanningics securityidentity & access exploitationindustrial control systemsinjection activityinjection attacksintrusion detectioniociot securityiot/ics attackipv4lamplamp exploitationlamp stack attacklamp stack targetinglateral movementlogin attemptlogin attemptsmailoney honeypotmalicious activitymalwaremalware behaviourmalware capturemonthlymssqlnetworknetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnorth americaoceaniaodin-benignopen proxyopenctip0fpassword attackspassword sprayingphishingphishing attackphishing trapping of deathpossible credential stuffingpossible mirai variantpotential lateral movementprotocol exploitationproxyransomwarereconnaissanceredis honeypotredishoneypotremote accessremote access attemptremote loginremote service exploitationresearchedresource hijackingsansscannerscanning activityscripting attackssensor-taggedsentrypeer botnetservice scansftpsftp access attemptsftp activitysftp attacksftp probingsipsip scanningsmtp brute forcesocial engineeringsocradar honeypotsoftware exploitationspamsshssh attackssh monitoringt1021t1021.001t1021.002t1021.004t1040t1041t1059t1059.003t1059.004t1059.007t1071.001t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnettelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotudp port scanunauthorized access attemptsunauthorized login attemptsunited statesverified-benignvoipvoip attackvpnvpn ipweb app attackweb application attackweb attackweb exploitationweb spamweb traffic
Activity Timeline
Jun 2Jun 2
Threat Activity Heatmap
· Peak: 2026-06-02LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
21
Reports
First seenAug 31, 2025
Last seenJun 2, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS14061
OrgDigitalOcean, LLC
Coords37.7510, -97.8220
ProxyVPN
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 164.82.0.0 - 164.93.127.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2019-01-07T10:49:17Z last-modified: 2019-01-07T10:49:17Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 10 months ago · Last seen 26 days ago
Appeared in 21 threat reports