IOC Radar
IPMediumSignal 66/100

217.160.194.8

Location
GermanyGermany
Frankfurt am Main, Hesse
ASN
AS8560
De Rhr Bap Ngcs Public
First Seen
Apr 6, 2026
Last Seen
Jun 2, 2026
Apr 6
First Seen
74d ago
Jun 2
Last Seen
17d ago
7
Reports
source reports
66%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
66%
Signal Score
66 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

6 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, Hesse
ASNAS8560
OrganizationDe Rhr Bap Ngcs Public

IP Category

Proxy
Proxy server

Feed Intelligence Summary

7 reports66% confidence
7
Source reports
66%
Confidence score
Category tags
active scanactive scanningbad web botblog spambotnet activitybrute forcebrute force attackerbrute-forcecowrieddosddos attackdedenial of servicedigital oceandionaeaeuropeexploitation activityfattgermanyhackingindicatorinjection activitynetworkopen proxyp0fping of deathportscanproxyreconnaissanceresearchedscannerscannerssensor-taggedservice scanspamsql injectiont1190t1203t1499.001t1595.001t1595.002t1595.003tannertargeting databasetpotvultrweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
Jun 2Jun 2

Threat Activity Heatmap

· Peak: 2026-06-02
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
66
SIGNAL
Signal Score
66%
Confidence
7
Reports
First seenApr 6, 2026
Last seenJun 2, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS8560
OrgDe Rhr Bap Ngcs Public
Coords51.2993, 9.4910
Proxy

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw
inetnum: 217.160.194.0 - 217.160.195.255 netname: de-rhr-bap-ngcs-public descr: IONOS SE country: DE admin-c: IPAD-RIPE tech-c: IPOP-RIPE abuse-c: ARO12-RIPE status: ASSIGNED PA mnt-by: AS8560-MNT created: 2024-10-11T14:36:14Z last-modified: 2024-10-11T14:36:14Z source: RIPE # Filtered role: IP Administration address: IONOS SE admin-c: SH15342-RIPE tech-c: SH15342-RIPE mnt-ref: AS8560-MNT nic-hdl: IPAD-RIPE abuse-mailbox: [email protected] mnt-by: AS8560-MNT created: 2009-05-20T17:24:09Z last-modified: 2025-09-26T12:26:46Z source: RIPE # Filtered role: IP Operations address: IONOS SE admin-c: SH15342-RIPE tech-c: SH15342-RIPE mnt-ref: AS8560-MNT nic-hdl: IPOP-RIPE abuse-mailbox: [email protected] mnt-by: AS8560-MNT created: 2009-05-28T16:25:04Z last-modified: 2025-09-26T12:26:44Z source: RIPE # Filtered route: 217.160.0.0/16 descr: IONOS-PA-3 origin: AS8560 mnt-by: AS8560-MNT created: 1970-01-01T00:00:00Z last-modified: 2020-11-27T17:48:27Z source: RIPE # Filtered
references
https://jamesbrine.com.au/digitaloceanlondon-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 17 days ago
Appeared in 7 threat reports