IOC Radar
IPMediumSignal 65/100

45.86.202.121

Location
GermanyGermany
Frankfurt am Main, HE
ASN
AS206092
VPN Consumer Frankfurt, Germany
First Seen
May 5, 2022
Last Seen
May 6, 2026
May 5
First Seen
1502d ago
May 6
Last Seen
40d ago
16
Reports
source reports
65%
Confidence
medium
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, HE
ASNAS206092
OrganizationVPN Consumer Frankfurt, Germany

IP Category

VPN
VPN exit node

Feed Intelligence Summary

16 reports65% confidence
16
Source reports
65%
Confidence score
Category tags
active scanactive scanningapacheapache attackeraptbad web botbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcebruteforcecredential accesscredential stuffingcyber securityddosdedefensedenial of serviceeuropeexploitation activityexploited hostgermanyhackingidentity & access exploitationiocnetworknextraypassword attacksphishingproxyreconnaissanceresearchedscannerspamt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003threat actortor nodevpnwebweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 6May 6

Threat Activity Heatmap

· Peak: 2026-05-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
16
Reports
First seenMay 5, 2022
Last seenMay 6, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, HE
ASNAS206092
OrgVPN Consumer Frankfurt, Germany
Coords50.1188, 8.6843
VPN

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected performing web attacks against Cloudflare honeypot edge
raw
inetnum: 45.86.202.0 - 45.86.202.255 netname: FRANKFURT-DE-45-86-202-0 country: DE geoloc: 50.1134038 8.6823127 geofeed: https://www.prefixbroker.com/prefixbroker-geofeed.csv org: ORG-VCFG2-RIPE admin-c: VCAR3-RIPE tech-c: VCAR3-RIPE status: ASSIGNED PA mnt-by: PREFIXBROKER-MNT created: 2023-12-11T12:10:29Z last-modified: 2023-12-24T10:57:41Z source: RIPE organisation: ORG-VCFG2-RIPE org-name: VPN Consumer Frankfurt, Germany org-type: OTHER address: Frankfurt, Germany country: DE abuse-c: VCAR3-RIPE mnt-ref: PREFIXBROKER-MNT mnt-by: PREFIXBROKER-MNT created: 2023-12-11T12:09:16Z last-modified: 2024-01-03T08:25:12Z source: RIPE # Filtered role: VPN Consumer Abuse Role address: AZ Business Center address: Avenida Perez Chitre address: Panama, 00395 address: Republica de Panama nic-hdl: VCAR3-RIPE abuse-mailbox: [email protected] mnt-by: PREFIXBROKER-MNT created: 2023-11-22T08:33:27Z last-modified: 2023-11-22T08:33:27Z source: RIPE # Filtered route: 45.86.202.0/24 origin: AS206092 mnt-by: PREFIXBROKER-MNT created: 2020-01-14T13:03:50Z last-modified: 2020-01-14T13:03:50Z source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://jamesbrine.com.au/cfglobal-web-ip-list-2026-04-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 1 month ago
Appeared in 16 threat reports