IOC Radar
IPMediumSignal 92/100

158.220.90.100

Location
United KingdomUnited Kingdom
Portsmouth, England
ASN
AS51167
Contabo GmbH
First Seen
Dec 21, 2024
Last Seen
Apr 23, 2025
Dec 21
First Seen
548d ago
Apr 23
Last Seen
426d ago
13
Reports
source reports
92%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
92%
Signal Score
92 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryGBUnited Kingdom
RegionPortsmouth, England
ASNAS51167
OrganizationContabo GmbH

Feed Intelligence Summary

13 reports92% confidence
13
Source reports
92%
Confidence score
Category tags
abuseactive scanningattackaustraliaauthenticationauthentication attackauto-generated securitybotnetbrute forcebrute force attackbrute force attemptcommand and controlcompromise attemptcowrie honeypotcredential accesscredential stuffingctadata exfiltrationdecoy systemdistributed attackseuropeexternal attackindicatormalicious activitymalicious softwaremalwarenetworknetwork intrusionnetwork securityoceaniapassword attackpassword attacksprocess injectionreconnaissanceremote accessremote servicesresearchedscannersecurity operationsssh attackssh monitoringt1021.004t1055t1071.001t1078t1078.002t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1486t1496t1499.002t1499.003t1555t1565t1588.004t1589t1589.002t1595t1595.001t1595.002t1595.003threat actorthreat intelligenceunited kingdom

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
92
SIGNAL
Signal Score
92%
Confidence
13
Reports
First seenDec 21, 2024
Last seenApr 23, 2025
GeolocationGB
CountryUnited Kingdom
LocationPortsmouth, England
ASNAS51167
OrgContabo GmbH
Coords50.8514, -0.9903

VirusTotal

Not checked

WHOIS

description
Host bruteforcing SSH
raw
inetnum: 158.220.80.0 - 158.220.95.255 netname: TT-20230331 descr: Contabo GmbH country: DE org: ORG-CG316-RIPE admin-c: MH7476-RIPE tech-c: MH7476-RIPE abuse-c: MH12453-RIPE status: LEGACY mnt-by: MNT-CONTABO created: 2023-03-31T08:52:51Z last-modified: 2023-07-28T10:46:24Z source: RIPE organisation: ORG-CG316-RIPE org-name: Contabo GmbH org-type: other remarks: * Please direct all complaints about Internet abuse like Spam, hacking or scans * remarks: * to [email protected] . This will guarantee fastest processing possible. * address: Aschauer Strasse 32a address: 81549 address: Munchen address: GERMANY phone: +498921268372 fax-no: +498921665862 abuse-c: MH12453-RIPE mnt-ref: MNT-CONTABO mnt-ref: de-net1-1-mnt mnt-by: MNT-CONTABO mnt-ref: TERRATRANSIT-MNT mnt-by: TERRATRANSIT-MNT mnt-by: de-net1-1-mnt mnt-ref: de-tt1data-1-mnt created: 2021-11-09T22:12:54Z last-modified: 2022-01-03T23:38:33Z source: RIPE # Filtered person: Johannes Selg address: Contabo GmbH address: Aschauer Str. 32a address: 81549 Muenchen phone: +49 89 21268372 fax-no: +49 89 21665862 nic-hdl: MH7476-RIPE mnt-by: MNT-CONTABO mnt-by: MNT-GIGA-HOSTING created: 2010-01-04T10:41:37Z last-modified: 2024-04-15T11:05:18Z source: RIPE route: 158.220.80.0/20 descr: CONTABO origin: AS51167 mnt-by: MNT-CONTABO created: 2023-03-31T08:53:13Z last-modified: 2023-07-28T10:46:28Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 year ago
Appeared in 13 threat reports