IOC Radar
IPMediumSignal 84/100

212.227.76.145

Location
GermanyGermany
Essen, North Rhine-Westphalia
ASN
AS8560
De Rhr Bap Ngcs Public
First Seen
Nov 1, 2025
Last Seen
Dec 5, 2025
Nov 1
First Seen
236d ago
Dec 5
Last Seen
201d ago
12
Reports
source reports
84%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
84%
Signal Score
84 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

43 techniques

Network Information

CountryDEGermany
RegionEssen, North Rhine-Westphalia
ASNAS8560
OrganizationDe Rhr Bap Ngcs Public

Feed Intelligence Summary

12 reports84% confidence
12
Source reports
84%
Confidence score
Category tags
abuseaccess controlactive scanningasiaattackaustraliaauthentication brute forceauthentication_bypassback orificebad web botblacklisted ipsblog spambotnetbrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptsc2chinacommand and controlcommand executioncommunication protocolcompromised hostscowrie honeypotcowrie interactionscredential accesscredential stuffingdata encryptiondata exfiltrationdatabase securityddosdecoy systemdenial of servicedhcpdionaea honeypotdionaea interactionsdionaea payloadsdistributed attackselasticsearcheuropeexploitexploit kitfailed login attemptsfattfatt detectionsfatt signaturesftpftp brute forcegermanygponhackinghnaphoneytrap eventshoneytrap honeypothoneytrap interactionshttp probinghttp scannerimapindiaindicatorinformation gatheringinput validation bypassipv4ipv4_addresslateral movementldaplogin failuremailoney eventsmailoney honeypotmailoney interactionsmalicious activitymalicious domainsmalicious softwaremalicious trafficmalwaremalware behaviourmalware capturemalware communicationmalware distributionmssqlnetgearnetworknetwork intrusionnetwork intrusion attemptsnetwork intrusion detectionnetwork monitoringnetwork probenetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork_service_exploitationnorth americantpoceaniaoraclep0fp0f signaturespassword attackpassword attackspath traversalphishing attackphishing trappossible botnet infectionprocess injectionprotocol exploitationreconnaissanceremote accessremote code executionremote servicesremote_accessresearchedresource hijackingrouter exploitationscanscannersecurity operationssecurity policysensor-taggedsentrypeer botnetsentrypeer eventssentrypeer interactionsserver exploitationsmtpsmtp probingsocks5socradar honeypotsql injectionssh attackssh monitoringsuricata alertssystembct1021t1021.001t1021.002t1021.004t1040t1046t1055t1059t1059.001t1059.003t1059.004t1059.005t1068t1071.001t1076t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133