IOC Radar
IP · Medium · Signal 68/100

64.188.116.27

Location: Germany (Frankfurt am Main, Hesse)
ASN: AS213877 (u1host ltd)
First Seen: Feb 24, 2026 (121d ago)
Last Seen: Jun 12, 2026 (14d ago)
Reports: 19 source reports
Confidence: 68% (medium)
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 68%
Signal Score: 68 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

40 techniques

Network Information

Country: DE (Germany)
Region: Frankfurt am Main, Hesse
ASN: AS213877
Organization: u1host ltd

Feed Intelligence Summary

Source reports: 19
Confidence score: 68%
Category tags: abuse, access attempts, account compromise, active scan, active scanning, apache, apache attacker, apt, asia, attack, authentication, authentication abuse, authentication bruteforcing, automated attack, bad reputation, bad web bot, blocklist_all, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute force attempts, c2, cloud infrastructure, cloud infrastructure attack, cloud services, command & control, command and control, communication protocol, compromised host, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database security, ddos, ddos attack, de, decoy system, denial of service, digital ocean, digitalocean ips, distributed attacks, europe, exploit public-facing application, exploitation activity, exploited host, external remote services, ftp, ftp brute force, germany, hacking, http brute force, http scanner, https, identity & access exploitation, india, injection activity, injection attacks, ioc, ipv4, japan, login attack, login attempts, malicious activity, malicious software, malware, malware botnet activity, malware distribution, network, network attacks, network discovery, network intrusion, network probing, network protocol, network reconnaissance, network scanning, network security, network service discovery, north america, opencti, password attack, password attacks, phishing, phishing attack, ping of death, process injection, protocol exploitation, proxy, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, scanners, scanning activity, security operations, singapore, social engineering, ssh attack, t1018, t1021, t1021.001, t1021.002, t1040, t1046, t1055, t1059, t1059.003, t1071, t1071.001, t1076, t1078, t1078.001, t1078.004, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1496, t1497, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1589, t1590, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, tcp scan, telnet threat, threat actor, threat intelligence, tor node, udp scan, unauthorized access, united states, us /32, valid accounts, web app attack, web application attack, web exploitation, web traffic

Activity Timeline

1 total obs (Jun 12 to Jun 12)

Threat Activity Heatmap

Peak: 2026-06-12
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 68 (Medium Risk)
Coords: 50.1169, 8.6837

VirusTotal

Not checked

IOC Journey

medium
First detected 4 months ago · Last seen 14 days ago
Appeared in 19 threat reports