IPMediumSignal 47/100
209.126.80.220
Location
United StatesSt Louis, Missouri
ASN
AS40021
Contabo Inc
First Seen
Aug 31, 2025
Last Seen
May 31, 2026
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
47%
Signal Score
47 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionSt Louis, Missouri
ASNAS40021
OrganizationContabo Inc
Feed Intelligence Summary
12 reports47% confidence
12
Source reports
47%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningadbhoney honeypotattackbad reputationbotnetbotnet activitybrute forcebrute force attackbrute-forcecisco devicecisco exploitationcommunication protocolcompromised credentialscowrie capturecowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdenial of servicedevice managementdionaea capturedionaea honeypotenterprise networkingexploitation activityexploited hostftp brute-forcehackingheralding activityhoneytrap honeypotidentity & access exploitationindicatorinjection activityinjection attacksiot securityiot targetedlamplamp exploitation attemptlamp vulnerability scanmalicious activitymalicious payload distributionmalwaremalware behaviourmalware capturenetworknetwork infrastructurenetwork probingnetwork securitynorth americapassword attackspossible malware propagationransomwarereconnaissanceresearchedresource hijackingscannersecurity policyself-signedsentrypeer activitysentrypeer botnetsftp attacksftp exploitation attemptsip scansql injectionssh attackssh monitoringt1021t1040t1041t1059t1059.003t1071t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationsthreat actorthreat detectionthreat intelligencethreat preventiontor nodeunited statesusvoipvoip attackvulnerability scanweb application attackweb exploitation
Activity Timeline
May 31May 31
Threat Activity Heatmap
· Peak: 2026-05-31LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
47
SIGNAL
Signal Score
47%
Confidence
12
Reports
First seenAug 31, 2025
Last seenMay 31, 2026
GeolocationUS
CountryUnited States
LocationSt Louis, Missouri
ASNAS40021
OrgContabo Inc
Coords38.6327, -90.1961
VirusTotal
Not checked
WHOIS
- raw
- NetRange: 209.126.80.0 - 209.126.87.255 CIDR: 209.126.80.0/21 NetName: CONTA-48 NetHandle: NET-209-126-80-0-1 Parent: NET209 (NET-209-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Contabo Inc. (CONTA-48) RegDate: 2021-03-18 Updated: 2023-05-16 Ref: https://rdap.arin.net/registry/ip/209.126.80.0 OrgName: Contabo Inc. OrgId: CONTA-48 Address: 710 N Tucker Blvd. STE 400A City: St. Louis StateProv: MO PostalCode: 63101 Country: US RegDate: 2019-12-23 Updated: 2024-11-25 Ref: https://rdap.arin.net/registry/entity/CONTA-48 OrgAbuseHandle: CAD61-ARIN OrgAbuseName: Contabo Abuse Department OrgAbusePhone: +498921665862 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/CAD61-ARIN OrgRoutingHandle: CONTA393-ARIN OrgRoutingName: Contabo NOC OrgRoutingPhone: +498921665862 OrgRoutingEmail: [email protected] OrgRoutingRef: https://rdap.arin.net/registry/entity/CONTA393-ARIN OrgNOCHandle: CONTA393-ARIN OrgNOCName: Contabo NOC OrgNOCPhone: +498921665862 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/CONTA393-ARIN OrgTechHandle: CONTA392-ARIN OrgTechName: Contabo Tech OrgTechPhone: +498921268372 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/CONTA392-ARIN
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 9 months ago · Last seen 15 days ago
Appeared in 12 threat reports