IOC Radar
IP · Medium · Signal 48/100

5.182.209.19

Location: Netherlands, Amsterdam, NH
ASN: AS62068 (SpectraIP B.V.)
First Seen: Mar 19, 2025 (449d ago)
Last Seen: May 4, 2026 (38d ago)
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 48%
Signal Score: 48 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

56 techniques

Network Information

Country: NL (Netherlands)
Region: Amsterdam, NH
ASN: AS62068
Organization: SpectraIP B.V.

Feed Intelligence Summary

Source reports: 19
Confidence score: 48%
Category tags
abuse, access control, account compromise, active scan, active scanning, attachment phishing, attack, australia, automated email, bad reputation, banking, base64, base64 encoding, bec, blacklist candidate, blacklisted ip, botnet, botnet activity, brute force, brute force attack, brute-force, bruteforce, bulk email, c2, c2 server, command & control, command and control, communication protocol, communication security, compromised host, compromised hosts, compromised system, cowrie honeypot, cowrie ssh attacks, credential access, credential harvesting, credential phishing, credential stuffing, credit card services, data exfiltration, data store exposure, ddos, ddos attack, ddos attacks, decoy system, denial of service, dionaea honeypot, distributed attacks, europe, exfiltration, exploitation, exploitation activity, exploited host, finance, finance and insurance, financial services, financial technology, fraud voip, ftp brute force, hacking, honeytrap honeypot, identity & access exploitation, indicator, infected system, injection activity, internet of things, intrusion detection, iot botnet, iot security, iot/ics attack, ipv4, lamp, lateral movement, mailoney honeypot, malicious activity, malicious ip addresses, malicious login attempts, malicious software, malware, malware behaviour, malware capture, malware distribution, mirai botnet, netherlands, network, network attacks, network intrusion, network probing, network reconnaissance, network scanning, network security, network traffic analysis, nl, oceania, password, password attacks, password theft, payment fraud, payment processing, phishing, phishing attack, phishing campaign, phishing trap, possible brute force, price request, price request scam, process injection, reconnaissance, researched, resource hijacking, scams & fraud, scan, scanner, scanning activity, schedule theme, scheduled task abuse, security policy, sentrypeer botnet, sentrypeer data, service enumeration, sftp attack, sip brute force, sip scanning, social engineering, ssh attack, ssh monitoring, t1003, t1003.001, t1016, t1018, t1021, t1021.001, t1021.002, t1021.004, t1021.006, t1040, t1041, t1046, t1053.005, t1055, t1059, t1059.001, t1059.004, t1071, t1071.001, t1078, t1078.001, t1078.002, t1078.004, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1192, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1569, t1573, t1573.001, t1589, t1589.002, t1595, t1595.001, t1595.002, t1595.003, t1598, t1598.003, tanner, tariff server compromise, tariff server theme, tariffs server, tcp protocol, telecommunications, threat actor, threat detection, threat intelligence, threat prevention, tor node, tsec, unauthorized access attempts, unknown threat actor, voip, voip attack, vulnerability scan, wealth management, web application attack, web exploitation, web scanner, wetransfer abuse

Activity Timeline

1 total obs: May 4

Threat Activity Heatmap

Peak: 2026-05-04
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 48 (Medium Risk)
Geolocation: NL
Coords: 52.3716, 4.8883

VirusTotal

Not checked

WHOIS

inetnum: 5.182.209.0 - 5.182.209.255
netname: SpectraIP-customers
descr: SpectraIP B.V.
country: NL
geoloc: 52.3702 4.8952
admin-c: SA35974-RIPE
tech-c: SA35974-RIPE
status: ASSIGNED PA
mnt-by: SpectraIP
created: 2019-04-09T10:21:56Z
last-modified: 2025-03-14T22:06:31Z
source: RIPE

role: SpectraIP B.V.
address: Bruynvisweg 11
address: 1531AX
address: Wormer
address: NETHERLANDS
org: ORG-SB523-RIPE
nic-hdl: SA35974-RIPE
mnt-by: SPECTRAIP-MNT
created: 2015-12-01T00:12:31Z
last-modified: 2021-11-10T12:38:14Z
source: RIPE # Filtered
abuse-mailbox: [email protected]

route: 5.182.209.0/24
descr: SpectraIP B.V.
origin: AS62068
mnt-by: SPECTRAIP-MNT
created: 2019-04-09T10:22:09Z
last-modified: 2021-12-10T22:15:14Z
source: RIPE
references
https://github.com/telekom-security/tpotce, https://redpiranha.net

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 19 threat reports