IP · Medium · Signal 80/100
185.147.214.250
Location: Madrid, Madrid
ASN: AS62651 (NetProtect LLC)
First Seen: Feb 22, 2022 (1573d ago)
Last Seen: Jun 7, 2026 (7d ago)
Reports: 20 source reports
Confidence: 80% (medium)
VirusTotal: 3/91 detections
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 80%
Signal Score: 80 / 100
IDS Rule: No
Network Information
Country: Spain
Region: Madrid, Madrid
ASN: AS62651
Organization: NetProtect LLC
IP Category
Proxy: Proxy server
VPN: VPN exit node
Feed Intelligence Summary
Source reports: 20
Confidence score: 80%
Category tags
abuse, access control, active scan, active scanning, alienvault_ransomware, apt, attack, authentication attempts, bad reputation, bad web bot, blacklist activity, blacklist hit, botnet, botnet activity, brute force, brute force attack, brute-force, bruteforce, command and control, command execution, communication protocol, credential access, credential harvesting, credential stuffing, critical_infrastructure, cyber security, data encryption, data exfiltration, data store exposure, database brute force, database security, ddos, ddos attack, decoy system, defense, denial of service, dhcp, dhcp discovery, dhcp exploration, distributed attacks, elasticsearch, elasticsearch brute force, elasticsearch probing, encryption, es, europe, exploitation activity, exploited host, finance and insurance, ftp, ftp brute force, ftp brute-force, hacking, http scanner, https, identity & access exploitation, imap, imap brute force, information gathering, initial access, injection activity, injection attacks, ioc, iot security, iot targeted, lateral movement, ldap, ldap brute force, ldap probing, malicious activity, malicious software, malware, memcache scanning, memcached probing, mssql, mssql brute force, network, network attacks, network monitoring, network probing, network protocol, network scanning, network security, network traffic, nextray, ntp, ntp amplification attempt, ntp scanning, oracle, oracle brute force, oracle probing, password attacks, phishing, phishing attack, ping of death, postgres, postgres brute force, postgresql brute force, probing, process injection, protocol exploitation, proxy, qhoneypot interactions, ransomware, reconnaissance, redis, redis brute force, redis probing, remote access, remote services, researched, scan, scanner, scanning, scanning activity, security policy, server exploitation, smb, smb brute force, smb scanning, smtp, snmp, snmp enumeration, social engineering, socks5, socks5 proxy attempt, socks5 proxy usage, socradar, spain, spam, sql injection, ssh, ssh attack, t1018, t1021, t1021.001, t1021.002, t1027, t1040, t1046, t1048.003, t1055, t1059, t1059.001, t1059.003, t1059.004, t1059.005, t1059.007, t1071, t1071.001, t1076, t1077, t1078, t1078.002, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1539, t1555.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1567, t1588, t1595, t1595.001, t1595.002, t1595.003, targeting database, tcp protocol, telnet, telnet threat, tftp, threat actor, threat intelligence, threat prevention, tor node, vnc, vnc protocol, vpn, web app attack, web application attack, web exploitation, web scanner, web spam, web traffic, webscan, webscanner
Activity Timeline: Jun 7 to Jun 7
Threat Activity Heatmap · Peak: 2026-06-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 80
Confidence: 80%
Reports: 20
First seen: Feb 22, 2022
Last seen: Jun 7, 2026
Geolocation: ES
Country: Spain
Location: Madrid, Madrid
ASN: AS62651
Org: NetProtect LLC
Coords: 40.4332, -3.6243
Proxy, VPN
WHOIS
- description: CC=ES ASN=AS33438 highwinds network group inc.
- raw:

inetnum: 185.147.214.0 - 185.147.214.255
netname: NETPR-MAD-DP
country: ES
admin-c: STIA1-RIPE
tech-c: STIA1-RIPE
status: ASSIGNED PA
geoloc: 40.439323 -3.621211
mnt-by: us-strong-1-mnt
created: 2021-07-15T13:14:14Z
last-modified: 2024-05-01T17:11:46Z
source: RIPE
abuse-c: STRG-RIPE
descr: Madrid, Spain

role: Strong Technology IP Admin
address: 114 5th Avenue 15th Floor New York, NY 10011, USA
nic-hdl: STIA1-RIPE
mnt-by: NETPROTECT-MNT
created: 2024-05-01T13:19:28Z
last-modified: 2024-05-01T13:19:28Z
source: RIPE # Filtered

route: 185.147.214.0/24
origin: AS62651
mnt-by: us-strong-1-mnt
created: 2024-01-12T15:46:05Z
last-modified: 2024-01-12T15:46:05Z
source: RIPE
IOC Journey
medium · First detected 4 years ago · Last seen 7 days ago
Appeared in 20 threat reports