IPMediumSignal 38/100
68.183.66.25
Location
GermanyFrankfurt am Main, HE
ASN
AS14061
DigitalOcean, LLC
First Seen
Oct 21, 2024
Last Seen
Apr 10, 2026
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
38%
Signal Score
38 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionFrankfurt am Main, HE
ASNAS14061
OrganizationDigitalOcean, LLC
Feed Intelligence Summary
19 reports38% confidence
19
Source reports
38%
Confidence score
Category tags
abuseaccess attemptaccess controlactive scanactive scanningatif feedattackaustraliaauthentication attackauthentication attacksauthentication attemptsauthentication failuresautomated attacksbad reputationbad web botbanlist feedbinary defensebotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute-forccisco devicecommand and controlcompromised credentialscowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdata store exposureddosdedecoy systemdenial of servicedenial-of-servicedevice managementdistributed attacksenterprise networkingeuropeexploitation activityfail2ban triggeredfailed authenticationfailed login attemptsfailed loginsftp brute forceftp brute-forcegb-originating trafficgermanyhackinghoneytrap honeypothttp brute forceidentity & access exploitationinfoinfrastructure acquisitionreconnaissanceinitial accessinjection activityintrusion detectionlamplogin attackslogin attemptsmailoney honeypotmalicious activitymalicious softwaremalwaremanualnetworknetwork infrastructurenetwork intrusionnetwork probingnetwork scanningnetwork securitynoticeoceaniapassword attackspassword crackingphishingphishing attackphishing trapprocess injectionproxyransomwarereconnaissanceresearchedscannerscanning activitysecurity operationssftp attacksocial engineeringsocradar honeypotssh attackssh monitoringt1021t1040t1041t1046t1055t1059t1059.001t1059.004t1059.005t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1587.001t1589t1590.001t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat detectionthreat intelligencetor nodeunauthorized accessunauthorized access attemptsunited kingdomweb application attackweb exploitation
Activity Timeline
Apr 10Apr 10
Threat Activity Heatmap
· Peak: 2026-04-10LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
38
SIGNAL
Signal Score
38%
Confidence
19
Reports
First seenOct 21, 2024
Last seenApr 10, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, HE
ASNAS14061
OrgDigitalOcean, LLC
Coords50.1188, 8.6843
VirusTotal
Not checked
WHOIS
- description
- Banned by Fail2Ban [sshd]
- raw
- inetnum: 68.70.208.0 - 69.5.255.255 netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK descr: IPv4 address block not managed by the RIPE NCC remarks: ------------------------------------------------------ remarks: remarks: For registration information, remarks: you can consult the following sources: remarks: remarks: IANA remarks: http://www.iana.org/assignments/ipv4-address-space remarks: http://www.iana.org/assignments/iana-ipv4-special-registry remarks: http://www.iana.org/assignments/ipv4-recovered-address-space remarks: remarks: AFRINIC (Africa) remarks: http://www.afrinic.net/ whois.afrinic.net remarks: remarks: APNIC (Asia Pacific) remarks: http://www.apnic.net/ whois.apnic.net remarks: remarks: ARIN (Northern America) remarks: http://www.arin.net/ whois.arin.net remarks: remarks: LACNIC (Latin America and the Carribean) remarks: http://www.lacnic.net/ whois.lacnic.net remarks: remarks: ------------------------------------------------------ country: EU # Country is really world wide admin-c: IANA1-RIPE tech-c: IANA1-RIPE status: ALLOCATED UNSPECIFIED mnt-by: RIPE-NCC-HM-MNT created: 2019-01-07T10:49:59Z last-modified: 2019-01-07T10:49:59Z source: RIPE role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-RIPE tech-c: IANA1-RIPE nic-hdl: IANA1-RIPE remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: RIPE-NCC-MNT created: 1970-01-01T00:00:00Z last-modified: 2001-09-22T09:31:27Z source: RIPE # Filtered
- references
- https://github.com/telekom-security/tpotce, https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt, https://redpiranha.net
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 2 months ago
Appeared in 19 threat reports