IP · Medium · Signal 58/100
194.187.176.124
Location
Berlin, Berlin
ASN
AS208843
Alpha Strike Labs GmbH
First Seen
Feb 21, 2023
Last Seen
Jun 17, 2026
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
58%
Signal Score
58 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Germany
Region
Berlin, Berlin
ASN
AS208843
Organization
Alpha Strike Labs GmbH
Feed Intelligence Summary
18 reports · 58% confidence
18
Source reports
58%
Confidence score
Category tags
abuse, access control, account compromise, active scan, active scanning, aerospace & defense, alpha_strike_labs-benign, attack, australia, austria, automotive manufacturing, bad reputation, bad web bot, bening, bening scanner, botnet, botnet activity, botnet detection, brute force, brute force attack, brute force attempts, brute-force, c2 communication, c2 detection, cisco device, cisco exploitation attempt, cisco exploitation attempts, civil services, cloud infrastructure, cloud infrastructure attack, cloud services, command & control, command and control, communication protocol, compromised host, compromised hosts, conpot honeypot, cowrie honeypot, cowrie interactions, cowrie ssh honeypot, credential access, credential brute-force, credential guessing, credential harvesting, credential stuffing, cta, data encryption, data exfiltration, data store exposure, database security, ddos, ddos participation, de, decoy system, default credential abuse, defense, defense contracting, defense logistics, defense systems, defense technology, denial of service, device management, digital ocean, dionaea honeypot, dionaea interactions, distributed attacks, electronics manufacturing, encryption, enterprise networking, europe, exploit activity, exploit probing, exploitation activity, exploitation attempts, exploited host, external threat, fatt, fatt signatures, fraud voip, ftp, ftp brute force, ftp brute-force, ftp scan, germany, government technology, hacking, honeytrap honeypot, honeytrap interactions, http probing, http scanner, http scanning, http/s, ics security, identity & access exploitation, indicator, industrial automation, industrial control systems, industrial iot, industrial production, initial access, injection activity, internet-wide scan, ioc, iot device exploitation, iot security, iot targeted, iot/ics attack, lamp, lamp exploit attempt, lamp exploitation attempts, lamp server attack, lateral movement, linux server, mailoney honeypot, mailoney interactions, malicious activity, malicious domain, malicious login attempts, malicious software, malware, malware behaviour, malware capture, malware distribution, malware filter, manufacturing technology, military operations, modbus, mssql, national security, network, network anomalies, network attacks, network enumeration, network infrastructure, network intrusion, network intrusion attempts, network intrusion detection, network probing, network protocol, network reconnaissance, network scanning, network security, network traffic analysis, nextray, oceania, p0f, p0f signatures, password attack, password attacks, phishing, phishing attack, phishing trap, potential compromise, process injection, process manufacturing, protocol abuse, protocol exploitation, public administration, public infrastructure, public policy, quality control, ransomware, reconnaissance, regulatory agencies, remote access, remote services, researched, resource development, resource hijacking, scams & fraud, scanner, scanners, scanning activity, scripting attacks, security operations, security policy, sensor-tagged, sentrypeer botnet, sentrypeer interactions, server exploitation, sftp attack, sip attacks, sip brute force, sip scan, sip scanning, smtp probing, social engineering, socradar honeypot, sql injection, ssh, ssh attack, ssh monitoring, ssh scan, supply chain attack, supply chain management, suricata alerts, t1003, t1016, t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.004, t1059.007, t1068, t1071, t1071.001, t1076, t1077, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1203, t1204.002, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1573, t1573.001, t1583, t1583.001, t1589, t1590, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner interactions, targeting database, tcp protocol, tcp/23, tcp/3306, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tpot, unauthorized access, unauthorized login, verified-benign, voip, voip attack, vulnerability scan, web app attack, web application attack, web application attacks, web attack, web exploitation, web traffic
[Figure: Activity Timeline, Jun 17]
[Figure: Threat Activity Heatmap · Peak: 2026-06-17]
24h: 0 · Dormant
7d: 0 · Dormant
30d: 1 · Minimal
3mo: 1 · Minimal
Threat Score: Medium Risk
Signal Score: 58
Confidence: 58%
Reports: 18
First seen: Feb 21, 2023
Last seen: Jun 17, 2026
Geolocation: DE
Country: Germany
Location: Berlin, Berlin
ASN: AS208843
Org: Alpha Strike Labs GmbH
Coords: 52.4286, 13.5316
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
IOC Journey
medium · First detected 3 years ago · Last seen 7 days ago
Appeared in 18 threat reports