IOC Radar
IPMediumSignal 55/100

62.171.158.50

Location
GermanyGermany
Frankfurt am Main, Hesse
ASN
AS51167
Contabo GmbH
First Seen
Dec 15, 2025
Last Seen
Jan 31, 2026
Dec 15
First Seen
194d ago
Jan 31
Last Seen
147d ago
20
Reports
source reports
55%
Confidence
medium
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

40 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, Hesse
ASNAS51167
OrganizationContabo GmbH

Feed Intelligence Summary

20 reports55% confidence
20
Source reports
55%
Confidence score
Category tags
abuseaccess controlactive scanningadbhoney honeypotapacheapache attackeraptasiaattackaustraliabad web botblacklist checkbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptsbrute-force attackc2 communicationchinacisco devicecisco device targetingcisco exploitation attemptcommand and controlcommand executioncommand injectioncommunication protocolcompromised credentialsconpot honeypotcowrie honeypotcowrie interactionscowrie ssh logscredential accesscredential brute forcingcredential stuffingcve exploitationdasan gpondata encryptiondata exfiltrationdatabase attackdatabase securityddos attackdecoy systemdenial of servicedevice managementdhcpdhcp scanningdionaea honeypotdirectory traversaldistributed attacksdnselasticsearchelasticsearch scanningenterprise networkingeuropeexploitexploitationexploited hostexploitsfattfranceftpftp brute forceftp brute-forcegermanyhackinghoneytrap honeypothttp scannerics securityimapimap scanningindiaindicatorindustrial control systemsinformation gatheringinitial accessinjection attacksiot devicesiot targetediot/ics attacklamplamp exploitation attemptslamp server targetinglamp stack targetinglamp vulnerability scanlateral movementldapldap scanninglog injectionlog4jmailoney honeypotmalicious activitymalicious login attemptsmalicious softwaremalwaremalware behaviourmalware capturememcache scanningmozi botnetmssqlmssql scanningnetgearnetworknetwork discoverynetwork infrastructurenetwork intrusion attemptsnetwork monitoringnetwork protocolnetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnorth americantpntp scanningoceaniaoracleoracle scanningp0fpassword attackpassword attacksphishing attackphishing trapping of deathpossible malware distributionpostgres scanningprocess injectionprotocol exploitationrcereconnaissanceredis scanningremote accessremote code executionremote servicesresearchedresource hijackingscanscannerscanning activityscripting attackssecurity policysensor-taggedsentrypeer botnetserver exploitationsftp access attemptsftp attacksip scanningsmb scanningsmtpsocks5socks5 scanningsocradar honeypotsora botnetsql injectionssh attackssh monitoringsystembc botnett1018t1021t1021.001t1021.002t1040t1041t1055t1059t1059.003t1059.004t1059.005t1059.007t1071t1071.001t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1203t1204.002t1486t1496t1497t1499.001t1499.002t1499.003t1505.004t1555t1565t1566t1595t1595.001t1595.002t1595.003tannertelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontpotunauthorized accessunited statesvnc protocolvnc scanningvoipvoip attackweb application attackweb attackweb exploitationweb spamweb traffic

Activity Timeline

1 total obs
Jan 31Jan 31

Threat Activity Heatmap

· Peak: 2026-01-31
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
20
Reports
First seenDec 15, 2025
Last seenJan 31, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS51167
OrgContabo GmbH
Coords50.1169, 8.6837

VirusTotal

Not checked

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 months ago · Last seen 4 months ago
Appeared in 20 threat reports