IP · Medium · Signal 61/100
5.180.61.17
Location
Berlin, State of Berlin
ASN
AS147049
Packethub S.A
First Seen
Sep 30, 2022
Last Seen
Apr 19, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Network Information
Country
Germany
Region: Berlin, State of Berlin
ASN: AS147049
Organization: Packethub S.A
IP Category
Proxy: Proxy server
VPN: VPN exit node
Feed Intelligence Summary
15 reports · 61% confidence
15
Source reports
61%
Confidence score
Category tags
Activity Timeline
Apr 19
Threat Activity Heatmap (peak: 2026-04-19)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
This IPv4 address, `5.180.61.17`, represents a critical Indicator of Compromise (IOC) with a high-risk score of 61.48, signaling its significant involvement in malicious activities. Its detection within an organizational network environment should be treated with immediate concern, as it points to potential active targeting or ongoing compromise. The widespread presence of this IP across numerous reputable threat intelligence feeds underscores its notoriety and active utilization in hostile oper…
Threat Score: Medium Risk
Signal Score: 61
Confidence: 61%
Reports: 15
First seen: Sep 30, 2022
Last seen: Apr 19, 2026
Geolocation: DE
Country: Germany
Location: Berlin, State of Berlin
ASN: AS147049
Org: Packethub S.A
Coords: 52.5196, 13.4069
Proxy · VPN
VirusTotal
Not checked
IOC Journey
Medium · First detected 3 years ago · Last seen 1 month ago
Appeared in 15 threat reports