IOC Radar
IP · Medium · Signal 52/100

144.91.75.135

Location: United Kingdom (Lauterbourg, Grand-Est)
ASN: AS51167 (Contabo GmbH)
First Seen: Dec 17, 2023 (909d ago)
Last Seen: Apr 27, 2026 (47d ago)
Reports: 19 source reports
Confidence: 52% (medium)
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 52%
Signal Score: 52 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 31 techniques

Network Information

Country: GB (United Kingdom)
Region: Lauterbourg, Grand-Est
ASN: AS51167
Organization: Contabo GmbH

Feed Intelligence Summary

Source reports: 19
Confidence score: 52%

Category tags:
abuse, active scan, active scanning, attack, australia, authentication, authentication abuse, authentication attack, authentication failure, bad reputation, blocklist_all, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute-force, c2, command & control, command and control, compromised system, cowrie honeypot, credential access, credential stuffing, data exfiltration, data store exposure, ddos, ddos preparation, decoy system, distributed attacks, europe, exploitation activity, fr, france, ftp brute-force, germany, identity & access exploitation, indicator, initial access, injection activity, login attack, malicious activity, malicious software, malware, network, network intrusion, network perimeter, network scanning, network security, network service scanning, network traffic analysis, north america, oceania, password attack, password attacks, password cracking, phishing, process injection, reconnaissance, remote access, researched, scanner, scanning activity, security operations, service scan, ssh, ssh attack, ssh monitoring, tcp/22, threat actor, threat intelligence, tor node, unauthorized access, united states, us ip address, us source ip, user enumeration, valid accounts, vulnerability scan

MITRE ATT&CK technique tags:
t1021, t1021.004, t1055, t1059, t1059.004, t1071, t1071.001, t1078, t1078.002, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1573, t1588, t1588.002, t1588.004, t1589, t1589.002, t1595, t1595.001, t1595.002, t1595.003

Activity Timeline

1 total obs (Apr 27)

Threat Activity Heatmap

Peak: 2026-04-27

Observations by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 52
Confidence: 52%
Reports: 19
First seen: Dec 17, 2023
Last seen: Apr 27, 2026
Geolocation: GB
Country: United Kingdom
Location: Lauterbourg, Grand-Est
ASN: AS51167
Org: Contabo GmbH
Coords: 49.4050, 11.1617

VirusTotal

Not checked

WHOIS

description: SSH bruteforce client IP

raw:

inetnum: 144.91.64.0 - 144.91.95.255
netname: CONTABO
descr: Contabo GmbH
country: DE
org: ORG-GG22-RIPE
admin-c: MH7476-RIPE
tech-c: MH7476-RIPE
status: ASSIGNED PA
mnt-by: MNT-CONTABO
created: 2019-06-27T12:39:01Z
last-modified: 2019-06-27T12:39:01Z
source: RIPE

organisation: ORG-GG22-RIPE
org-name: Contabo GmbH
country: DE
org-type: LIR
remarks: * Please direct all complaints about Internet abuse like Spam, hacking or scans *
remarks: * to [email protected] . This will guarantee fastest processing possible. *
address: Aschauer Strasse 32a
address: 81549
address: Munchen
address: GERMANY
phone: +498921268372
fax-no: +498921665862
abuse-c: MH12453-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: MNT-CONTABO
mnt-ref: MNT-OCIRIS
mnt-by: RIPE-NCC-HM-MNT
mnt-by: MNT-CONTABO
created: 2009-12-09T13:41:08Z
last-modified: 2021-09-14T10:49:04Z
source: RIPE # Filtered

person: Johannes Selg
address: Contabo GmbH
address: Aschauer Str. 32a
address: 81549 Muenchen
phone: +49 89 21268372
fax-no: +49 89 21665862
nic-hdl: MH7476-RIPE
mnt-by: MNT-CONTABO
mnt-by: MNT-GIGA-HOSTING
created: 2010-01-04T10:41:37Z
last-modified: 2024-04-15T11:05:18Z
source: RIPE

route: 144.91.74.0/23
descr: CONTABO
origin: AS51167
mnt-by: MNT-CONTABO
created: 2019-06-28T06:35:27Z
last-modified: 2019-06-28T06:35:27Z
source: RIPE

references: https://redpiranha.net

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 19 threat reports