IOC Radar
IP · Medium · Signal 70/100

143.42.63.237

Location: Frankfurt am Main, Hessen, Germany
ASN: AS63949 (Linode)
First Seen: Jun 26, 2024 (726d ago)
Last Seen: Jun 18, 2026 (4d ago)
Reports: 34 source reports
Confidence: 70% (medium)
Found in 34 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 70%
Signal Score: 70 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

55 techniques

Network Information

Country: DE (Germany)
Region: Frankfurt am Main, Hessen
ASN: AS63949
Organization: Linode

Feed Intelligence Summary

Source reports: 34
Confidence score: 70%
Category tags
abuse, access attempt, access control, active scan, active scanning, apache, apache attacker, apt, attack, authentication attack, authentication failures, auto-generated security, automated attack, automated attacks, bad reputation, bad web bot, blacklist_ip, blacklisted ip indicators, blocked ip, blocklist_all, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute force attempts, brute-force, brute_force, c2 communication, c2 server, command & control, command and control, command execution, communication protocol, compromised host, compromised hosts, credential access, credential guessing, credential harvesting, credential stuffing, cta, data encryption, data exfiltration, data store exposure, data theft, database security, ddos, ddos attack, ddos attempt, de, decoy system, denial of service, dhcp, dhcp discovery, distributed attacks, elasticsearch, elasticsearch scanning, encryption, enumeration, enumeration activity, europe, exploitation activity, exploited host, fail2ban triggered, ftp, ftp brute force, germany, hacking, http brute force, http enumeration, http scanner, hydra, identity & access exploitation, imap, imap brute force, information gathering, infrastructure acquisitionreconnaissance, injection activity, injection attacks, internet-facing assets, invalid login attempts, ioc, iot security, iot targeted, kfsensor honeypot, lateral movement, ldap, ldap scanning, login, login attack, login attempts, malicious activity, malicious ip addresses, malicious software, malware, malware capture, malware distribution, manual, masscan, medusa, memcached scanning, mssql, mssql scanning, network, network attacks, network intrusion, network intrusion attempt, network intrusion detection, network monitoring, network probing, network protocol, network reconnaissance, network scan, network scanning, network security, network service scanning, network traffic analysis, nmap, north america, ntp, ntp scanning, oracle, oracle scanning, password attack, password attacks, password cracking, phishing, phishing attack, possible botnet activity, possible lateral movement, postgresql brute force, potential data breach, potential intrusion, process injection, protocol exploitation, proxy, ransomware, reconnaissance, redis scanning, remote access, remote services, researched, scan, scanner, scanning activity, security operations, security policy, server exploitation, server security, service enumeration, service scan, smb brute force, smb enumeration, smb scanning, smtp, smtp attacker, social engineering, socks5, socks5 scanning, socradar honeypot, spam, sql brute force, sql injection, ssh, ssh attack, syn port scan, syn scan, system access, t1018, t1021, t1021.001, t1021.002, t1021.004, t1040, t1046, t1047, t1055, t1056, t1056.001, t1059, t1059.003, t1059.004, t1059.005, t1071, t1071.001, t1076, t1077, t1078, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1199, t1203, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1563, t1565, t1566.001, t1566.002, t1566.003, t1573, t1573.001, t1587.001, t1589, t1589.002, t1590, t1590.001, t1595, t1595.001, t1595.002, t1595.003, targeting database, tcp protocol, tcp scan, tcp scanning, telnet threat, threat actor, threat intelligence, threat prevention, tor node, udp port scan, udp scan, unauthorized access, unauthorized access attempt, united kingdom, united states, vnc protocol, vnc scanning, vulnerability scan, web app attack, web application attack, web brute force, web exploitation, web spam, web traffic

Activity Timeline

1 total obs (Jun 18)

Threat Activity Heatmap

Peak: 2026-06-18
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 70
Confidence: 70%
Reports: 34
First seen: Jun 26, 2024
Last seen: Jun 18, 2026
Geolocation: DE
Country: Germany
Location: Frankfurt am Main, Hessen
ASN: AS63949
Org: Linode
Coords: 50.1109, 8.6820

VirusTotal

Not checked

IOC Journey

medium
First detected 2 years ago · Last seen 4 days ago
Appeared in 34 threat reports