IOC Radar
IPMediumSignal 81/100

212.47.78.23

Location
GermanyGermany
Lauterbourg, England
ASN
AS51167
Contabo GmbH
First Seen
Apr 9, 2026
Last Seen
May 9, 2026
Apr 9
First Seen
64d ago
May 9
Last Seen
34d ago
9
Reports
source reports
81%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
81%
Signal Score
81 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

13 techniques

Network Information

CountryDEGermany
RegionLauterbourg, England
ASNAS51167
OrganizationContabo GmbH

IP Category

Proxy
Proxy server

Feed Intelligence Summary

9 reports81% confidence
9
Source reports
81%
Confidence score
Category tags
active scanactive scanningapacheapache attackerbad web botblog spambotnet activitybrute forcebrute force attackbrute force attackerbrute-forcecredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityddosddos attackdenial of serviceeuropeexploitation activityexploited hostfrfrancegermanyhackingidentity & access exploitationindicatorinjection activityinjection attacksmalwarenetworkopen proxypassword attacksproxyreconnaissanceresearchedscannerspamssh attackt1059.003t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1499.001t1499.002t1595.001t1595.002t1595.003united kingdomwebweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 9May 9

Threat Activity Heatmap

· Peak: 2026-05-09
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
81
SIGNAL
Signal Score
81%
Confidence
9
Reports
First seenApr 9, 2026
Last seenMay 9, 2026
GeolocationDE
CountryGermany
LocationLauterbourg, England
ASNAS51167
OrgContabo GmbH
Coords51.5072, -0.1276
Proxy

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected performing web attacks against Cloudflare honeypot edge
raw
inetnum: 212.47.72.0 - 212.47.79.255 netname: TT-20240923 descr: Contabo GmbH country: DE org: ORG-CG316-RIPE admin-c: MH7476-RIPE tech-c: MH7476-RIPE abuse-c: MH12453-RIPE status: ASSIGNED PA mnt-by: MNT-CONTABO created: 2024-09-24T08:43:56Z last-modified: 2024-10-09T15:28:08Z source: RIPE organisation: ORG-CG316-RIPE org-name: Contabo GmbH org-type: other remarks: * Please direct all complaints about Internet abuse like Spam, hacking or scans * remarks: * to [email protected] . This will guarantee fastest processing possible. * address: Welfenstrasse 22 address: 81541 address: Munchen address: GERMANY phone: +498921268372 fax-no: +498921665862 abuse-c: MH12453-RIPE mnt-ref: MNT-CONTABO mnt-ref: de-net1-1-mnt mnt-by: MNT-CONTABO mnt-ref: TERRATRANSIT-MNT mnt-by: TERRATRANSIT-MNT mnt-by: de-net1-1-mnt mnt-ref: de-tt1data-1-mnt created: 2021-11-09T22:12:54Z last-modified: 2025-11-26T16:26:17Z source: RIPE # Filtered person: Johannes Selg address: Contabo GmbH address: Welfenstr. 22 address: 81541 M�nchen phone: +49 89 21268372 fax-no: +49 89 21665862 nic-hdl: MH7476-RIPE mnt-by: MNT-CONTABO mnt-by: MNT-GIGA-HOSTING created: 2010-01-04T10:41:37Z last-modified: 2025-12-05T12:12:21Z source: RIPE route: 212.47.72.0/21 origin: AS51167 mnt-by: MNT-CONTABO created: 2024-09-24T08:43:56Z last-modified: 2024-10-09T15:28:19Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 9 threat reports