IPMediumSignal 66/100
31.58.58.71
Location
GermanyFrankfurt am Main, Hesse
ASN
AS215703
Freakhosting LTD
First Seen
Feb 4, 2025
Last Seen
Jun 2, 2026
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
66%
Signal Score
66 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryGermany
GermanyRegionFrankfurt am Main, Hesse
ASNAS215703
OrganizationFreakhosting LTD
Feed Intelligence Summary
14 reports66% confidence
14
Source reports
66%
Confidence score
Category tags
abuseactive scanactive scanningaptarmasciiasyncrataterabackdoorbad reputationbase64bashbookingbotnetbotnet activitybrute forcec2censyscnccobaltstrikecommand & controlcommand and controlcommand executioncompromise ipv4compromised systemconnected devicesctacurldata exfiltrationdata store exposureddosddos attacksdedevice managementdistributed attacksdlldofoilelfencodedeuropeexeexecutable fileexploitation activityfakecaptchagafgytgermanyguloaderhajimehtaindicatorindustrial iotinfostealeringress tool transferinjection activityinternet of thingsiociocsiot analyticsiot applicationsiot botnetiot platformsiot securityiot/ics attackipv4ipv4 portiran, islamic republic ofjpg-base64-loaderkimsukylinuxlnklummastealermalicious powershell activitymalicious softwaremalwaremipsmiraimirai botnetmozinanocoreratnetworknjratopendirparaguaypolcertpowershellprocess injectionps1quakbotquasarratransomwareratreconnaissanceredlinestealerremcosratremote accessresearchedrevrev-base64-loaderrmmsaint helena, ascension and tristan da cunhascams & fraudscannerscripting attacksself-signedshshell scriptsmart devicessmoke loadersshdkitstealct1027t1055t1059.001t1059.004t1071t1071.001t1086t1105t1133t1189t1190t1203t1204t1204.002t1486t1496t1497t1499.002t1499.003t1565t1566t1595.001t1595.002t1595.003threat actortoggletor nodetrojantrojan malwareua-wgetvbsvidarwgetwin trojanwsgidavxml-opendir
Activity Timeline
Jun 2Jun 2
Threat Activity Heatmap
· Peak: 2026-06-02LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
66
SIGNAL
Signal Score
66%
Confidence
14
Reports
First seenFeb 4, 2025
Last seenJun 2, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS215703
OrgFreakhosting LTD
Coords35.6980, 51.4115
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 31.58.58.0 - 31.58.58.255 netname: FREAKHOSTING-LTD descr: freakhosting.com org: ORG-FL435-RIPE country: DE geofeed: https://geofeed.freakhosting.com/geofeed.txt admin-c: AV13423-RIPE tech-c: AV13423-RIPE abuse-c: FA9292-RIPE status: SUB-ALLOCATED PA mnt-by: netutils-mnt created: 2024-11-18T06:32:10Z last-modified: 2026-02-11T15:28:18Z source: RIPE organisation: ORG-FL435-RIPE org-name: FREAKHOSTING LTD country: GB org-type: OTHER address: 3rd Floor, 86-90 Paul Street, London, United Kingdom, EC2A 4NE abuse-c: ACRO54311-RIPE mnt-ref: FREAKHOSTING-MNT mnt-ref: netutils-mnt created: 2026-01-22T17:08:02Z last-modified: 2026-02-08T13:15:56Z source: RIPE # Filtered mnt-by: FREAKHOSTING-MNT role: Vlad Alexandru address: 86-90 Paul Street, London, England EC2A 4NE, United Kingdom mnt-by: FREAKHOSTING-MNT nic-hdl: AV13423-RIPE created: 2024-01-12T23:37:16Z last-modified: 2024-07-23T22:43:52Z source: RIPE # Filtered route: 31.58.58.0/24 origin: AS215703 mnt-by: netutils-mnt created: 2024-11-17T13:27:52Z last-modified: 2025-02-12T14:05:44Z source: RIPE
- references
- https://threatfox.abuse.ch/export/csv/recent/, https://1275.ru/ioc/9342/gs-605-mirai-botnet-iocs/, https://urlhaus.abuse.ch/browse/
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 24 days ago
Appeared in 14 threat reports