IP · Medium · Signal 56/100
194.180.49.145
Location
Berngau, Bavaria
ASN
AS201814
HostSlick
First Seen
Jul 2, 2024
Last Seen
Jun 13, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Germany
Region
Berngau, Bavaria
ASN
AS201814
Organization
HostSlick
Feed Intelligence Summary
15 reports · 56% confidence
15
Source reports
56%
Confidence score
Category tags
Activity Timeline
Threat Activity Heatmap
Peak: 2026-06-13
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat Score
Medium Risk
56
SIGNAL
Signal Score
56%
Confidence
15
Reports
First seen
Jul 2, 2024
Last seen
Jun 13, 2026
Geolocation
DE
Country
Germany
Location
Berngau, Bavaria
ASN
AS201814
Org
HostSlick
Coords
49.2378, 11.3715
VirusTotal
Not checked
WHOIS
- description
- Scans hitting the server at TCP port 3389 RDP. Same IP should not appear more than once in 96 hours in our lists S3#.
IOC Journey
medium · First detected 2 years ago · Last seen 10 days ago
Appeared in 15 threat reports