IOC Radar
IPMediumSignal 23/100

45.89.127.3

Location
GermanyGermany
Frankfurt am Main, Hessen
ASN
AS213250
DeinServerHost
First Seen
Jan 31, 2025
Last Seen
Apr 7, 2026
Jan 31
First Seen
499d ago
Apr 7
Last Seen
68d ago
7
Reports
source reports
23%
Confidence
medium
1/91
VirusTotal
detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
23%
Signal Score
23 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, Hessen
ASNAS213250
OrganizationDeinServerHost

Feed Intelligence Summary

7 reports23% confidence
7
Source reports
23%
Confidence score
Category tags
accessactive scanactive scanningattackbotnetbotnet activitybrute forcebrute force attackcommand and controlcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposurededecoy systemdistributed attacksemaileuropeexploitation activityftp brute forcegermanygithubgroupshoneytrap honeypotidentity & access exploitationindicatorinjection activitylamplateral movementmailoney honeypotmalicious activitymalicious softwaremalwarenetworknetwork enumerationnetwork scanningpassword attacksphishingphishing attackphishing trappotential malicious activityprocess injectionpythonreconnaissanceresearchedscannerscriptservice enumerationsftpsftp attackslugsmtp brute forcesocial engineeringspamsshssh attackssh monitoringsurface webt1021t1021.004t1041t1055t1059t1059.004t1071.001t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003threat actorthreat detectiontor nodeunauthorized access attemptsunidentified attacker

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
23
SIGNAL
Signal Score
23%
Confidence
7
Reports
First seenJan 31, 2025
Last seenApr 7, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hessen
ASNAS213250
OrgDeinServerHost
Coords50.1188, 8.6843

VirusTotal

1/ 91vendors flagged
1% detection rateJun 8, 2026

WHOIS

description
Unknown source type: h0neytr4p
raw
inetnum: 45.89.126.0 - 45.89.127.255 geofeed: https://rose.dsh-mirror.de/geofeed/geofeed.csv abuse-c: ACRO20307-RIPE netname: DeinServerHost country: DE admin-c: CRH20-RIPE tech-c: CRH20-RIPE status: SUB-ALLOCATED PA mnt-by: DeinServerHost created: 2020-07-07T20:37:53Z last-modified: 2022-07-02T07:08:42Z source: RIPE person: Christian Ralph Hennig address: Kirchplatz 17 address: 66571 Eppelborn address: Germany phone: +49-68815959100 nic-hdl: CRH20-RIPE mnt-by: DeinServerHost created: 2019-02-14T00:56:49Z last-modified: 2022-04-09T21:33:37Z source: RIPE route: 45.89.126.0/23 origin: AS213250 mnt-by: DeinServerHost created: 2022-02-26T00:44:04Z last-modified: 2022-02-26T00:44:04Z source: RIPE route: 45.89.126.0/23 origin: AS30823 mnt-by: DeinServerHost created: 2020-09-04T11:14:26Z last-modified: 2020-09-04T11:14:26Z source: RIPE
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 7 threat reports