IOC Radar
IPMediumSignal 90/100

5.75.202.98

Location
GermanyGermany
Nuremberg, Bavaria
ASN
AS24940
Hetzner
First Seen
Feb 16, 2025
Last Seen
Feb 15, 2026
Feb 16
First Seen
481d ago
Feb 15
Last Seen
117d ago
11
Reports
source reports
90%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
90%
Signal Score
90 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

22 techniques

Network Information

CountryDEGermany
RegionNuremberg, Bavaria
ASNAS24940
OrganizationHetzner

Feed Intelligence Summary

11 reports90% confidence
11
Source reports
90%
Confidence score
Category tags
abuseaccess controlactive scanningauthentication attacksauthentication failuresbotnetbrute forcebrute force attackcommand and controlcredential accesscredential stuffingctadata exfiltrationdedecoy systemdistributed attackseuropefail2ban eventsftp brute forcegermanyindicatormalicious softwaremalwarenetworknetwork scanningpassword attackspassword crackingprocess injectionreconnaissanceresearchedscannersecurity operationssecurity policyssh attackt1021t1021.001t1055t1059t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.002t1499.003t1565t1589t1595t1595.001t1595.002t1595.003threat intelligencethreat preventionunited kingdom

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
90
SIGNAL
Signal Score
90%
Confidence
11
Reports
First seenFeb 16, 2025
Last seenFeb 15, 2026
GeolocationDE
CountryGermany
LocationNuremberg, Bavaria
ASNAS24940
OrgHetzner
Coords51.2993, 9.4910

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum: 5.75.192.0 - 5.75.207.255 netname: CLOUD-NBG1 country: DE status: ASSIGNED PA org: ORG-HOA1-RIPE admin-c: HOAC1-RIPE tech-c: HOAC1-RIPE mnt-by: HOS-GUN remarks: INFRA-AW created: 2023-12-12T11:51:46Z last-modified: 2023-12-12T11:51:46Z source: RIPE organisation: ORG-HOA1-RIPE org-name: Hetzner Online GmbH country: DE org-type: LIR address: Industriestrasse 25 address: D-91710 address: Gunzenhausen address: GERMANY phone: +49 9831 5050 fax-no: +49 9831 5053 admin-c: MF1400-RIPE admin-c: GM834-RIPE admin-c: HOAC1-RIPE admin-c: MH375-RIPE admin-c: SK2374-RIPE admin-c: SK8441-RIPE abuse-c: HOAC1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: HOS-GUN mnt-by: RIPE-NCC-HM-MNT mnt-by: HOS-GUN created: 2004-04-17T11:07:58Z last-modified: 2022-11-22T18:32:44Z source: RIPE # Filtered role: Hetzner Online GmbH - Contact Role address: Hetzner Online GmbH address: Industriestrasse 25 address: D-91710 Gunzenhausen address: Germany phone: +49 9831 505-0 fax-no: +49 9831 505-3 abuse-mailbox: [email protected] remarks: ************************************************* remarks: * For spam/abuse/security issues please contact * remarks: * [email protected], or fill out the form at * remarks: * abuse.hetzner.com, thank you. * remarks: ************************************************* remarks: remarks: ************************************************* remarks: * Any questions on Peering please send to * remarks: * [email protected] * remarks: ************************************************* org: ORG-HOA1-RIPE admin-c: MH375-RIPE tech-c: GM834-RIPE tech-c: SK2374-RIPE tech-c: MF1400-RIPE tech-c: SK8441-RIPE tech-c: DD15478-RIPE nic-hdl: HOAC1-RIPE mnt-by: HOS-GUN created: 2004-08-12T09:40:20Z last-modified: 2022-11-22T18:33:55Z source: RIPE # Filtered route: 5.75.128.0/17 org: ORG-HOA1-RIPE descr: HETZNER-DC origin: AS24940 mnt-by: HOS-GUN created: 2019-09-19T11:45:00Z last-modified: 2019-09-19T11:45:00Z source: RIPE organisation: ORG-HOA1-RIPE org-name: Hetzner Online GmbH country: DE org-type: LIR address: Industriestrasse 25 address: D-91710 address: Gunzenhausen address: GERMANY phone: +49 9831 5050 fax-no: +49 9831 5053 admin-c: MF1400-RIPE admin-c: GM834-RIPE admin-c: HOAC1-RIPE admin-c: MH375-RIPE admin-c: SK2374-RIPE admin-c: SK8441-RIPE abuse-c: HOAC1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: HOS-GUN mnt-by: RIPE-NCC-HM-MNT mnt-by: HOS-GUN created: 2004-04-17T11:07:58Z last-modified: 2022-11-22T18:32:44Z source: RIPE # Filtered
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 11 threat reports