IOC Radar
IPMediumSignal 27/100

64.227.120.177

Location
GermanyGermany
Frankfurt am Main, HE
ASN
AS14061
DigitalOcean, LLC
First Seen
Dec 3, 2022
Last Seen
Mar 31, 2026
Dec 3
First Seen
1297d ago
Mar 31
Last Seen
84d ago
15
Reports
source reports
27%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

27 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, HE
ASNAS14061
OrganizationDigitalOcean, LLC

Feed Intelligence Summary

15 reports27% confidence
15
Source reports
27%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney honeypotattackbad reputationbinaryedge-benignbotnetbotnet activitybrute forcebrute force attackbrute force attemptsciscocisco devicecisco exploitation attemptscommand and controlconpotconpot honeypotcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposurededecoy systemdevice managementdionaea honeypotdistributed attacksemailenterprise networkingeuropeexploitation activitygermanyhoneytrap honeypotics securityidentity & access exploitationindustrial control systemsinjection activityiot device targetingiot securityiot/ics attackipphoney honeypotlampmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork infrastructurenetwork probingnetwork scanningnetwork securitypassword attacksphishingphishing attackphishing trapprocess injectionproxyreconnaissanceresearchedscannerself-signedsftpsftp attacksocial engineeringsshssh attackssh monitoringsurface webt1041t1046t1055t1059t1068t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat detectionthreat intelligencetor nodeverified-benignweb scanner

Activity Timeline

1 total obs
Mar 31Mar 31

Threat Activity Heatmap

· Peak: 2026-03-31
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
15
Reports
First seenDec 3, 2022
Last seenMar 31, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, HE
ASNAS14061
OrgDigitalOcean, LLC
Coords50.1188, 8.6843

VirusTotal

Not checked

WHOIS

description
2025-01-27T09:47:08.050586600Z Honeypot : Ipphoney : Source: 64.227.120.177 : Port: 631 Query: N/A request_method: GET
raw
inetnum: 64.226.192.0 - 64.235.255.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2024-04-03T13:54:22Z last-modified: 2024-04-03T13:54:22Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 2 months ago
Appeared in 15 threat reports