IOC Radar
IPMediumSignal 76/100

217.160.64.171

Location
GermanyGermany
Essen, North Rhine-Westphalia
ASN
AS8560
De Rhr Bap Ngcs Public
First Seen
Apr 4, 2026
Last Seen
May 4, 2026
Apr 4
First Seen
83d ago
May 4
Last Seen
53d ago
10
Reports
source reports
76%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
76%
Signal Score
76 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

15 techniques

Network Information

CountryDEGermany
RegionEssen, North Rhine-Westphalia
ASNAS8560
OrganizationDe Rhr Bap Ngcs Public

Feed Intelligence Summary

10 reports76% confidence
10
Source reports
76%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningattackbad reputationbad web botbotnet activitybrute forcebrute force attackbrute-forcecivil servicescloud infrastructurecloud infrastructure attackcloud servicescredential accesscredential harvestingcredential stuffingddosddos attackdedecoy systemdenial of serviceeuropeexploitexploitation activityexploited hostftp brute-forcegermanygovernment technologyhackingidentity & access exploitationindicatorinformation technologyit infrastructuremalicious activitymalwarenetworkpassword attacksphishingphishing attackpublic administrationpublic infrastructurepublic policyreconnaissanceregulatory agenciesresearchedresource hijackingscannersecurity policysocial engineeringsoftware developmentsshssh attackt1078t1110.001t1110.002t1110.003t1110.004t1190t1203t1496t1499.001t1566.001t1566.002t1566.003t1595.001t1595.002t1595.003threat actorthreat intelligencethreat preventiontor nodetpotvulnerability scanvulnerability-exploitationweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
May 4May 4

Threat Activity Heatmap

· Peak: 2026-05-04
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
76
SIGNAL
Signal Score
76%
Confidence
10
Reports
First seenApr 4, 2026
Last seenMay 4, 2026
GeolocationDE
CountryGermany
LocationEssen, North Rhine-Westphalia
ASNAS8560
OrgDe Rhr Bap Ngcs Public
Coords51.4576, 7.0225

VirusTotal

Not checked

WHOIS

description
Score: 65/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:ddos, abuseipdb:exploited-host, abuseipdb:ftp-brute, abuseipdb:hacking. 217.160.64.171 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, critical, ddos).
raw
inetnum: 217.160.64.0 - 217.160.67.255 netname: de-rhr-bap-ngcs-public descr: IONOS SE country: DE admin-c: IPAD-RIPE tech-c: IPOP-RIPE abuse-c: ARO12-RIPE status: ASSIGNED PA mnt-by: AS8560-MNT created: 2024-10-11T14:35:56Z last-modified: 2024-10-11T14:35:56Z source: RIPE # Filtered role: IP Administration address: IONOS SE admin-c: SH15342-RIPE tech-c: SH15342-RIPE mnt-ref: AS8560-MNT nic-hdl: IPAD-RIPE abuse-mailbox: [email protected] mnt-by: AS8560-MNT created: 2009-05-20T17:24:09Z last-modified: 2025-09-26T12:26:46Z source: RIPE # Filtered role: IP Operations address: IONOS SE admin-c: SH15342-RIPE tech-c: SH15342-RIPE mnt-ref: AS8560-MNT nic-hdl: IPOP-RIPE abuse-mailbox: [email protected] mnt-by: AS8560-MNT created: 2009-05-28T16:25:04Z last-modified: 2025-09-26T12:26:44Z source: RIPE # Filtered route: 217.160.0.0/16 descr: IONOS-PA-3 origin: AS8560 mnt-by: AS8560-MNT created: 1970-01-01T00:00:00Z last-modified: 2020-11-27T17:48:27Z source: RIPE # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 10 threat reports