IPMediumSignal 61/100
46.224.26.85
Location
GermanyNuremberg, Bavaria
ASN
AS24940
Hetzner
First Seen
Jan 14, 2026
Last Seen
May 21, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionNuremberg, Bavaria
ASNAS24940
OrganizationHetzner
Feed Intelligence Summary
15 reports61% confidence
15
Source reports
61%
Confidence score
Category tags
abuseactive scanactive scanningaptattackautomated attackbad reputationbotnet activitybrute forcebrute force attackbrute force attemptbrute-forcebruteforcecowriecowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposurededecoy systemeuropeexploitation activityftp brute forcegermanyhoneytrap honeypothttp scanningidentity & access exploitationindicatoriran, islamic republic oflamplamp stack attackmalicious activitymalwarenetworknetwork intrusionnetwork scanningpassword attackspossible mirai variantreconnaissanceresearchedscannerservice scansftpsftp activitysftp attacksshssh attackssh monitoringt1021t1041t1059t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1589t1595t1595.001t1595.002t1595.003threat actorthreat detectionthreat intelligencetor nodeudp port scan
Activity Timeline
May 21May 21
Threat Activity Heatmap
· Peak: 2026-05-21LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
61
SIGNAL
Signal Score
61%
Confidence
15
Reports
First seenJan 14, 2026
Last seenMay 21, 2026
GeolocationDE
CountryGermany
LocationNuremberg, Bavaria
ASNAS24940
OrgHetzner
Coords35.6980, 51.4115
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 46.224.16.0 - 46.224.31.255 netname: CLOUD-NBG1 country: DE admin-c: HOAC1-RIPE tech-c: HOAC1-RIPE remarks: INFRA-AW status: ASSIGNED PA mnt-by: HOS-GUN created: 2025-09-24T08:16:24Z last-modified: 2025-09-24T08:16:24Z source: RIPE role: Hetzner Online GmbH - Contact Role address: Hetzner Online GmbH address: Industriestrasse 25 address: D-91710 Gunzenhausen address: Germany phone: +49 9831 505-0 fax-no: +49 9831 505-3 abuse-mailbox: [email protected] remarks: ************************************************* remarks: * For spam/abuse/security issues please contact * remarks: * [email protected], or fill out the form at * remarks: * abuse.hetzner.com, thank you. * remarks: ************************************************* remarks: remarks: ************************************************* remarks: * Any questions on Peering please send to * remarks: * [email protected] * remarks: ************************************************* org: ORG-HOA1-RIPE admin-c: MH375-RIPE tech-c: GM834-RIPE tech-c: SK2374-RIPE tech-c: MF1400-RIPE tech-c: SK8441-RIPE tech-c: DD15478-RIPE nic-hdl: HOAC1-RIPE mnt-by: HOS-GUN created: 2004-08-12T09:40:20Z last-modified: 2022-11-22T18:33:55Z source: RIPE # Filtered route: 46.224.0.0/15 descr: HETZNER-DC origin: AS24940 org: ORG-HOA1-RIPE mnt-by: HOS-GUN created: 2025-09-12T10:55:40Z last-modified: 2025-09-12T10:55:40Z source: RIPE organisation: ORG-HOA1-RIPE org-name: Hetzner Online GmbH country: DE org-type: LIR address: Industriestrasse 25 address: D-91710 address: Gunzenhausen address: GERMANY phone: +49 9831 5050 fax-no: +49 9831 5053 admin-c: MF1400-RIPE admin-c: GM834-RIPE admin-c: HOAC1-RIPE admin-c: MH375-RIPE admin-c: SK2374-RIPE admin-c: SK8441-RIPE abuse-c: HOAC1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: HOS-GUN mnt-by: RIPE-NCC-HM-MNT mnt-by: HOS-GUN created: 2004-04-17T11:07:58Z last-modified: 2022-11-22T18:32:44Z source: RIPE # Filtered
- references
- https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 4 months ago · Last seen 23 days ago
Appeared in 15 threat reports