IPHighVerifiedSignal 86/100

`194.11.246.191`

Location

Germany

Limburg an der Lahn, Hesse

ASN

AS215117

HosterDaddy Private Limited

First Seen

Jun 9, 2026

Last Seen

Jun 26, 2026

Jun 9

First Seen

17d ago

Jun 26

Last Seen

today

397

Reports

source reports

95%

Confidence

high

Found in 397 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

95%

Signal Score

86 / 100

IDS Rule

Yes

Threat Context

Threat Actors8

RREvil KKimsuky CCl0p CConti DDarkSide TTurla HHive PPlay

Malware Families43

Network Information

Country

Germany

RegionLimburg an der Lahn, Hesse

ASNAS215117

OrganizationHosterDaddy Private Limited

Feed Intelligence Summary

397 reports95% confidence

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4471 indicators)

3771 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4473 indicators)

3769 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4481 indicators)

3774 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4217 indicators)

3509 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4210 indicators)

3505 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4225 indicators)

3513 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4236 indicators)

3522 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4238 indicators)

3526 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4328 indicators)

3609 IOCs in report

Abuse.ch ThreatFox

Today

Abuse.ch ThreatFox (4328 indicators)

3609 IOCs in report

Activity Timeline

397 total obs

Jun 26Jun 9

Threat Activity Heatmap

· Peak: 2026-06-12

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Critical

157

Critical

30d

397

Critical

3mo

397

Critical

Threat ScoreHigh Risk

SIGNAL

Signal Score

95%

Confidence

397

Reports

First seenJun 9, 2026

Last seenJun 26, 2026

Verified IOC

GeolocationDE

CountryGermany

LocationLimburg an der Lahn, Hesse

ASNAS215117

OrgHosterDaddy Private Limited

Coords50.3986, 8.0796

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

high

First detected 17 days ago · Last seen today

Appeared in 397 threat reports from 10 sources

Associated with: REvil, Kimsuky, Cl0p, Conti, DarkSide, Turla, Hive, Play

Used by malware: Pegasus, Nanocore, SocGholish, XMRig, Remcos, DarkComet, Rhysida, XorDDoS, NjRAT, WannaCry, NetWire, AsyncRAT, FormBook, AgentTesla, Stuxnet, Lumma, Dridex, Emotet, Ryuk, Mozi, XWorm, QakBot, Cobalt Strike, REvil, PowerShell Empire, Havoc, Sliver, Ursnif, Conti, NotPetya, DarkSide, Gootloader, META Stealer, Hive, Cl0p, Gh0st RAT, Play, HermeticWiper, RedLine, Stealc, Mirai, Vidar, Metasploit

194.11.246.191

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

Related Reports

VirusTotal

Export & API

IOC Journey

`194.11.246.191`