IPMediumSignal 100/100
164.92.241.43
Location
GermanyFrankfurt am Main, Hesse
ASN
AS14061
DigitalOcean, LLC
First Seen
Dec 28, 2024
Last Seen
Dec 1, 2025
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionFrankfurt am Main, Hesse
ASNAS14061
OrganizationDigitalOcean, LLC
IP Category
⬢
Hosting
Hosting provider
Feed Intelligence Summary
16 reports99% confidence
16
Source reports
99%
Confidence score
Category tags
abuseactive scanningattackaustraliaauthenticationauto-generated securitybotnetbrute forcebrute force attackbrute force attemptcisco devicecommand and controlcowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdedecoy systemdevice managementdistributed attacksenterprise networkingeuropegermanyindicatorloginmalicious activitymalicious softwaremalwarenetworknetwork infrastructurenetwork scanningnetwork securitynorth americaoceaniapassword attackpassword attacksphishing attackprocess injectionprotocol exploitationreconnaissanceremote accessresearchedscannersftp attacksocial engineeringssh attackssh monitoringt1021.004t1040t1041t1055t1071.001t1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1588.004t1589.002t1595.001t1595.002t1595.003telecommunicationstelnet threatthreat actorthreat intelligenceunited states
Activity Timeline
Dec 1Dec 1
Threat Activity Heatmap
· Peak: 2025-12-01LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
16
Reports
First seenDec 28, 2024
Last seenDec 1, 2025
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS14061
OrgDigitalOcean, LLC
Coords50.1169, 8.6837
Hosting
VirusTotal
Not checked
WHOIS
- description
- Host bruteforcing SSH
- raw
- inetnum: 164.82.0.0 - 164.93.127.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2019-01-07T10:49:17Z last-modified: 2019-01-07T10:49:17Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
- references
- https://redpiranha.net, https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 6 months ago
Appeared in 16 threat reports