165.22.25.199 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 165.22.25.199 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Germany
• Network:
• Noticed: 1 times
• Protocols Attacked: portscan ssh
• Passive DNS Results: mongodb-production-intgrtns-48ab5ec1.mongo.ondigitalocean.com welcome.fifteenseconds.co education.fifteenseconds.co

Malware Detected on Host

Count: 8 d5071146b4c414267595285cdacad75b379f2d07f97300a13eb3fe7e86bffe3f a2d9f9d4ef1fbd6ce3e54419c64e8e12c46194f8d7f2be6c1b2c41f4b9e185c2 cb5ffb0a31b9a1b51f4a76ef84c22a542595e8cd4d2c02cc7cbfcba9b40b57e4 8c5377770a5d13e917562d4fcb4b0927bd73a2c21dfa754076db3dd9332547ec 99e2fe371b9744636f968c5fd5cae09b82e65b49148e2a291660a8c42a91a83c 4fd3dc193507b03eaa73577756cd9335379fd0caa38fc98d36705ea9a045e792 b5e6fdad23900a0fa5eec62cb96295a178e7ca42a00014ddb4640d75f194750d 4a5da87eb957b185d07eba27ceadcb4231e8d9bdad743ae93567f040d76146c2

Open Ports Detected

9273

Map

Whois Information

• NetRange: 165.22.0.0 - 165.22.255.255
• CIDR: 165.22.0.0/16
• NetName: DIGITALOCEAN-165-22-0-0
• NetHandle: NET-165-22-0-0-1
• Parent: NET165 (NET-165-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: DigitalOcean, LLC (DO-13)
• RegDate: 2018-10-16
• Updated: 2020-04-03
• Comment: Routing and Peering Policy can be found at https://www.as14061.net
• Comment:
• Ref: https://rdap.arin.net/registry/ip/165.22.0.0
• OrgName: DigitalOcean, LLC
• OrgId: DO-13
• Address: 105 Edgeview Drive, Suite 425
• City: Broomfield
• StateProv: CO
• PostalCode: 80021
• Country: US
• RegDate: 2012-05-14
• Updated: 2025-04-11
• Ref: https://rdap.arin.net/registry/entity/DO-13
• OrgNOCHandle: NOC32014-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-646-827-4366
• OrgNOCEmail: noc@digitalocean.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgAbuseHandle: DIGIT19-ARIN
• OrgAbuseName: DigitalOcean Abuse
• OrgAbusePhone: +1-646-827-4366
• OrgAbuseEmail: abuse@digitalocean.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
• OrgTechHandle: NOC32014-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-646-827-4366
• OrgTechEmail: noc@digitalocean.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

digitaloceansingapore-ssh-bruteforce-ip-list-2026-03-02