IPMediumSignal 73/100
185.242.3.252
Location
GermanyFrankfurt am Main, Hesse
ASN
AS60223
Felcloud
First Seen
Mar 23, 2026
Last Seen
May 30, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionFrankfurt am Main, Hesse
ASNAS60223
OrganizationFelcloud
Feed Intelligence Summary
15 reports73% confidence
15
Source reports
73%
Confidence score
Category tags
abuseactive scanactive scanningaptattackbad reputationblocklistbrute forcebrute force attackbrute-forcebruteforcecredential accesscredential stuffingddosddos attackdeeuropeexploitation activityexploited hostgermanyhackingidentity & access exploitationimapimap attackindicatormalicious activitymalwarenetherlandsnetworknorth americapassword attacksphishingreconnaissanceresearchedscannersmtpsmtp attackerssht1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003threat actortor nodeukraineunited statesweb app attack
Activity Timeline
May 30May 30
Threat Activity Heatmap
· Peak: 2026-05-30LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
15
Reports
First seenMar 23, 2026
Last seenMay 30, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS60223
OrgFelcloud
Coords50.1109, 8.6821
VirusTotal
Not checked
WHOIS
- raw
- NetRange: 185.0.0.0 - 185.255.255.255 CIDR: 185.0.0.0/8 NetName: RIPE-185 NetHandle: NET-185-0-0-0-1 Parent: () NetType: Allocated to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2011-01-04 Updated: 2011-02-08 Comment: These addresses have been further assigned to users in Comment: the RIPE NCC region. Contact information can be found in Comment: the RIPE database at http://www.ripe.net/whois Ref: https://rdap.arin.net/registry//ip/185.0.0.0 ResourceLink: https://apps.db.ripe.net/search/query.html ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry//entity/RIPE ReferralServer: whois://whois.ripe.net ResourceLink: https://apps.db.ripe.net/search/query.html OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry//entity/RNO29-ARIN OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry//entity/ABUSE3850-ARIN inetnum: 185.242.2.0 - 185.242.3.255 netname: ATOM country: UA org: ORG-LA1396-RIPE admin-c: VS10741-RIPE tech-c: VS10741-RIPE status: ASSIGNED PA mnt-routes: ATOM3-MNT mnt-domains: ATOM3-MNT mnt-by: ATOM3-MNT created: 2019-05-30T10:51:52Z last-modified: 2019-05-30T10:52:19Z source: RIPE organisation: ORG-LA1396-RIPE org-name: LLC "ATOM3" org-type: LIR address: Ushinskogo st. 40 address: 030151 address: Kiyv address: UKRAINE admin-c: VS10756-RIPE tech-c: VS10756-RIPE abuse-c: AR52875-RIPE mnt-ref: ATOM3-MNT mnt-ref: BMD-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: ATOM3-MNT created: 2019-05-24T14:08:56Z last-modified: 2019-05-30T10:43:01Z source: RIPE # Filtered phone: +380675008200 person: Victor Stolyarchuk address: 03186, Kiyv, Aviakonstruktore Antomova st. 5 phone: +380675008200 nic-hdl: VS10741-RIPE mnt-by: ATOM3-MNT created: 2019-05-02T19:54:03Z last-modified: 2019-05-02T19:54:03Z source: RIPE route: 185.242.2.0/23 origin: AS208846 mnt-by: ATOM3-MNT created: 2019-05-30T10:54:16Z last-modified: 2019-05-30T10:54:16Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 14 days ago
Appeared in 15 threat reports