IP · Medium · Signal 59/100
188.166.166.243
Location
Frankfurt am Main, Lower Saxony
ASN
AS14061
Digitalocean
First Seen
Aug 14, 2025
Last Seen
Nov 14, 2025
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
59%
Signal Score
59 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Germany
Region
Frankfurt am Main, Lower Saxony
ASN
AS14061
Organization
Digitalocean
Feed Intelligence Summary
20
Source reports
59%
Confidence score
Category tags
abuse, access control, active scanning, apache, apache attacker, attack, australia, automated attack, bad web bot, botnet, brute force, brute force attack, brute force attempt, brute force attempts, cloud computing, cloud migration, cloud security, cloud storage, command and control, communication protocol, compromised credentials, cowrie honeypot, cowrie interactions, cowrie ssh honeypot, credential access, credential stuffing, data exfiltration, ddos probe, decoy system, denial of service, dionaea honeypot, dionaea interactions, directory traversal attack, distributed attacks, europe, exploitation of vulnerability, exploited host, fatt, fatt signatures, ftp, ftp attack, ftp brute force, ftp brute-force, germany, hacking, honeytrap honeypot, honeytrap interactions, http attack, http probing, http scanner, indicator, input sanitization failure, input validation bypass, lamp, lamp server attack, mailoney honeypot, mailoney interactions, malicious activity, malicious sftp activity, malicious software, malicious ssh activity, malware, malware behaviour, malware capture, multi-cloud management, network, network attacks, network intrusion, network intrusion attempts, network intrusion detection, network protocol, network scanning, network security, network service scanning, oceania, p0f, p0f signatures, password attack, password attacks, path traversal, phishing attack, phishing trap, potential malware activity, process injection, protocol exploitation, reconnaissance, remote access, researched, resource hijacking, scanner, scanning activity, security policy, sensor-tagged, sentrypeer botnet, sentrypeer interactions, sftp attack, smtp probing, socradar honeypot, sql injection attempt, ssh attack, ssh monitoring, suricata alerts, t1021, t1021.004, t1040, t1041, t1046, t1055, t1059, t1068, t1071, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1189, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1589, t1592, t1592.004, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner interactions, tcp protocol, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tpot, unauthorized access attempt, unauthorized login, voip, voip attack, web application attack, web application exploitation, web exploitation, web server, web server vulnerability, web traffic
Activity Timeline
Nov 14
Threat Activity Heatmap
Peak: 2025-11-14
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score
Medium Risk
59
SIGNAL
Signal Score
59%
Confidence
20
Reports
First seen
Aug 14, 2025
Last seen
Nov 14, 2025
Geolocation
DE
Country
Germany
Location
Frankfurt am Main, Lower Saxony
ASN
AS14061
Org
Digitalocean
Coords
52.4308, 7.0683
VirusTotal
Not checked
WHOIS
- description
- Observed on T-Pot within last 24h; sensors=fatt, p0f, suricata, tanner; threshold?1; private IPs excluded.
- raw
- inetnum: 188.166.160.0 - 188.166.167.255
  netname: DIGITALOCEAN
  country: DE
  admin-c: PT7353-RIPE
  tech-c: PT7353-RIPE
  status: ASSIGNED PA
  mnt-by: digitalocean
  created: 2019-04-17T14:04:35Z
  last-modified: 2019-04-17T14:04:35Z
  source: RIPE

  person: DigitalOcean Network Operations
  address: 105 Edgeview Drive, Suite 425
  address: Broomfield, Colorado 80021
  address: United States of America
  phone: +16468274366
  nic-hdl: PT7353-RIPE
  mnt-by: digitalocean
  created: 2015-03-11T16:37:07Z
  last-modified: 2025-04-11T19:39:01Z
  source: RIPE # Filtered
  org: ORG-DOI2-RIPE
IOC Journey
medium · First detected 10 months ago · Last seen 7 months ago
Appeared in 20 threat reports