IPMediumSignal 0/100
18.158.218.208
Location
GermanyFrankfurt am Main, Hesse
ASN
AS16509
AWS EC2 (eu-central-1)
First Seen
Oct 23, 2025
Last Seen
Oct 25, 2025
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags
Network Information
CountryGermany
GermanyRegionFrankfurt am Main, Hesse
ASNAS16509
OrganizationAWS EC2 (eu-central-1)
Feed Intelligence Summary
2 reports0% confidence
2
Source reports
0%
Confidence score
Category tags
indicatornetworkresearched
Activity Timeline
Oct 25Oct 25
Threat Activity Heatmap
· Peak: 2025-10-25LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC) is an IPv4 address, 18.158.218.208, and has a low-risk score of 0.0 and is currently whitelisted. Its presence in threat intelligence feeds like ThreatFox and Abuse.ch-ThreatFox-C&Cs does not inherently indicate malicious activity. The address was whitelisted by Appealer Whitelist Service. Given its whitelisted status and low score, this IOC is considered benign and does not require immediate action. The focus should be on routine monitoring to confirm its cont…
Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
2
Reports
First seenOct 23, 2025
Last seenOct 25, 2025
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS16509
OrgAWS EC2 (eu-central-1)
Coords50.1109, 8.6821
VirusTotal
Not checked
WHOIS
- description
- ip:port combination that is used for botnet Command&control (C&C)
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 8 months ago · Last seen 8 months ago
Appeared in 2 threat reports