IOC Radar
IP · Medium · Signal 73/100

194.180.49.112

Location: United States (Berngau, VA)
ASN: AS201814 (HostSlick)
First Seen: Sep 28, 2023 (988d ago)
Last Seen: Feb 14, 2026 (119d ago)
Reports: 16 source reports
Confidence: 73% (medium)
VirusTotal: 1/91 detections
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 73%
Signal Score: 73 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

29 techniques

Network Information

Country: US (United States)
Region: Berngau, VA
ASN: AS201814
Organization: HostSlick

Feed Intelligence Summary

Source reports: 16
Confidence score: 73%
Category tags: abuse, active scanning, botnet, brute force, brute force attack, bulgaria, command and control, credential access, credential stuffing, data exfiltration, ddos, denial of service, distributed attacks, europe, exploit attempts, ftp brute force, germany, hacking, http brute force, indicator, lateral movement, malicious software, malware, malware propagation, malware scanning, network, network probing, network scanning, north america, password attacks, poland, process injection, reconnaissance, remote access, remote services, researched, scanner, smtp brute force, sql injection attempts, ssh attack, t1021, t1021.001, t1046, t1055, t1059, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1210, t1486, t1496, t1499.002, t1499.003, t1563, t1565, t1588, t1595, t1595.001, t1595.002, t1595.003, united states

Activity Timeline

1 total obs (Feb 14)

Threat Activity Heatmap

Peak: 2026-02-14
[Calendar heatmap, Jun through Jun; individual cells not recoverable]
Recent activity: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)

Threat Score: High Risk
Signal Score: 73
Confidence: 73%
Reports: 16
First seen: Sep 28, 2023
Last seen: Feb 14, 2026
Geolocation: US
Country: United States
Location: Berngau, VA
ASN: AS201814
Org: HostSlick
Coords: 39.0814, -77.6443

VirusTotal

1/91 vendors flagged
1% detection rate · Jun 5, 2026

WHOIS

inetnum: 194.180.49.0 - 194.180.49.255
netname: Dedicated_Servers_IP_Range
descr: Dedicated Servers IP Range
org: ORG-RA1050-RIPE
country: DE
admin-c: LW2980-RIPE
tech-c: LW2980-RIPE
mnt-routes: mnt-de-maximilian-1
mnt-domains: mnt-de-maximilian-1
status: ASSIGNED PA
mnt-by: MNT-NETERRA
created: 2023-12-05T06:13:12Z
last-modified: 2023-12-05T06:13:12Z
source: RIPE

organisation: ORG-RA1050-RIPE
org-name: RAZI Network
org-type: OTHER
address: Hauptstrasse 31 92361 Berngau, DE
admin-c: LW2980-RIPE
tech-c: LW2980-RIPE
abuse-c: ACRO59441-RIPE
mnt-ref: AZERONLINE-MNT
mnt-ref: voldeta-mnt
mnt-ref: mnt-de-maximilian-1
mnt-ref: MNT-NETERRA
mnt-by: mnt-de-maximilian-1
created: 2022-07-26T19:20:40Z
last-modified: 2025-05-14T10:59:47Z
source: RIPE # Filtered

person: Razi Network
address: 5605 SW Orleans St Seattle WA 98116
phone: +4917661200655
org: ORG-RA1050-RIPE
nic-hdl: LW2980-RIPE
mnt-by: mnt-de-maximilian-1
created: 2022-07-26T19:16:27Z
last-modified: 2025-05-13T15:24:37Z
source: RIPE # Filtered


IOC Journey

medium
First detected 2 years ago · Last seen 3 months ago
Appeared in 16 threat reports