IP · Medium · Signal 40/100
5.180.253.97
Location
Offenbach, VA
ASN
AS44486
Rene Roeth trading as ROETH & BECK GbR
First Seen
Jan 8, 2025
Last Seen
Apr 25, 2026
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
40%
Signal Score
40 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Germany
Region
Offenbach, VA
ASN
AS44486
Organization
Rene Roeth trading as ROETH & BECK GbR
IP Category
Proxy
Proxy server
Feed Intelligence Summary
20 reports · 40% confidence
20
Source reports
40%
Confidence score
Category tags
abuse, access control, active scan, active scanning, application layer protocol, atif feed, attack, australia, bad reputation, banlist feed, binary defense, blacklist activity, blacklist hit, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute force attempts, cisco device, command and control, command execution, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data encryption, data exfiltration, data store exposure, database security, de, decoy system, device management, dhcp, dhcp exploitation, dhcp request, distributed attacks, elasticsearch, elasticsearch brute force, elasticsearch scan, encryption, enterprise networking, europe, exploitation activity, ftp, ftp brute force, germany, identity & access exploitation, imap, imap brute force, indicator, information gathering, infrastructure acquisitionreconnaissance, injection activity, iot security, lateral movement, ldap, ldap brute force, malicious activity, malicious software, malware, manual, memcached amplification, memcached brute force, mssql, mssql brute force, network, network infrastructure, network intrusion attempts, network monitoring, network protocol, network scanning, network security, network service scanning, north america, ntp, ntp amplification, oceania, oracle, oracle brute force, password attack, password attacks, phishing, phishing attack, postgres, postgres brute force, postgresql brute force, process injection, protocol exploitation, proxy, qhoneypot activity, ransomware, reconnaissance, redis, redis brute force, remote access, remote services, researched, scan, scanner, security policy, server exploitation, service scan, sftp attack, smb, smb brute force, smb exploitation, snmp, snmp exploitation, snmp scan, social engineering, socks5, socks5 proxy activity, socks5 proxy attempt, socradar honeypot, sql injection, ssh, ssh attack, ssh monitoring, system discovery,
t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1021.006, t1021.007, t1040, t1041, t1046, t1055, t1059, t1059.001, t1059.003, t1059.004, t1059.005, t1059.006, t1059.007, t1059.008, t1071.001, t1077, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1565, t1566.001, t1566.002, t1566.003, t1587.001, t1590.001, t1595, t1595.001, t1595.002, t1595.003,
targeting database, telecommunications, telnet, telnet threat, threat actor, threat intelligence, threat prevention, tor node, united states, valid accounts, vnc, vnc protocol
Activity Timeline
Threat Activity Heatmap
Peak: 2026-04-25
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat Score
Low Risk
40
SIGNAL
Signal Score
40%
Confidence
20
Reports
First seen
Jan 8, 2025
Last seen
Apr 25, 2026
Geolocation
DE
Country
Germany
Location
Offenbach, VA
ASN
AS44486
Org
Rene Roeth trading as ROETH & BECK GbR
Coords
39.0019, -77.4556
Proxy
VirusTotal
Not checked
WHOIS
- raw
  inetnum: 5.180.252.0 - 5.180.253.255
  netname: DE-RUB-08
  country: DE
  admin-c: RR12789-RIPE
  tech-c: AB39253-RIPE
  org: ORG-RRTA3-RIPE
  geofeed: https://roeth-und-beck.de/geofeed.csv
  status: SUB-ALLOCATED PA
  mnt-by: mnt-de-roethundbeck-1
  created: 2022-04-13T08:32:17Z
  last-modified: 2024-07-15T09:26:27Z
  source: RIPE

  organisation: ORG-RRTA3-RIPE
  org-name: Rene Roeth trading as ROETH & BECK GbR
  country: DE
  org-type: LIR
  address: Kleine Schmidtgasse 1
  address: 63571
  address: Gelnhausen
  address: GERMANY
  phone: +4960514900300
  fax-no: +4960514900311
  admin-c: AB39253-RIPE
  admin-c: RR12789-RIPE
  tech-c: AB39253-RIPE
  tech-c: RR12789-RIPE
  abuse-c: AR52815-RIPE
  mnt-ref: mnt-de-roethundbeck-1
  mnt-by: RIPE-NCC-HM-MNT
  mnt-by: mnt-de-roethundbeck-1
  created: 2019-05-22T08:01:00Z
  last-modified: 2020-12-16T12:40:38Z
  source: RIPE # Filtered

  person: Andreas Beck
  address: Kleine Schmidtgasse 1
  address: 63571
  address: Gelnhausen
  address: GERMANY
  phone: +4960514900300
  nic-hdl: AB39253-RIPE
  mnt-by: mnt-de-roethundbeck-1
  created: 2019-05-22T08:00:59Z
  last-modified: 2020-07-14T17:22:20Z
  source: RIPE

  person: Rene Roeth
  address: Kleine Schmidtgasse 1
  address: 63571
  address: Gelnhausen
  address: GERMANY
  phone: +4960514900300
  nic-hdl: RR12789-RIPE
  mnt-by: mnt-de-roethundbeck-1
  created: 2019-05-22T08:00:59Z
  last-modified: 2020-07-14T17:21:27Z
  source: RIPE

  route: 5.180.252.0/23
  origin: AS44486
  org: ORG-RRTA3-RIPE
  descr: ROETH & BECK GbR
  mnt-by: mnt-de-roethundbeck-1
  created: 2022-04-13T09:06:38Z
  last-modified: 2022-04-13T09:06:38Z
  source: RIPE
- references
- https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net, https://github.com/telekom-security/tpotce, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt
IOC Journey
medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 20 threat reports