IOC Radar
IPMediumSignal 54/100

79.110.62.8

Location
GermanyGermany
Frankfurt am Main, Hesse
ASN
AS213893
Vecna Hosting Limited
First Seen
Feb 3, 2024
Last Seen
Oct 3, 2025
Feb 3
First Seen
870d ago
Oct 3
Last Seen
262d ago
4
Reports
source reports
54%
Confidence
medium
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
54%
Signal Score
54 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

50 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, Hesse
ASNAS213893
OrganizationVecna Hosting Limited

IP Category

Proxy
Proxy server

Feed Intelligence Summary

4 reports54% confidence
4
Source reports
54%
Confidence score
Category tags
accessactive scanningadminapiattackbotnetbrute forcebrute force attemptsciscocisco asacisco asa attackcisco devicecommand and controlcompromise assessmentconfigcowriecowrie honeypotcowrie interactioncowrie ssh honeypotcredential accesscredential stuffingdata exfiltrationdatabase attackddosddos attemptdecoy systemdenial of servicedesktopdevice managementdionaea honeypotdionaea interactiondistributed attacksenterprise networkingenumerationeuropeexploit attemptexploitationftp brute forcegermanygithubgroupshtmlhttphttp brute forcehttp scanninghttps scanningimap brute forceindexinitial accessiot attacklateral movementmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distribution attemptnetworknetwork enumerationnetwork infrastructurenetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork reconnaissancenetwork scannetwork scanningnetwork securitynetwork traffic analysispayloadpop3 brute forcepossible malware probingprocess injectionprotocol exploitationproxypythonransomware probereconnaissanceredmineremote accessremote servicesresearchedscannerscanning activityscriptscripting attackssftpsftp attacksip brute forceslugsmb scanningsmtp brute forcesql injection attemptsshssh attackssh monitoringsurface webt1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1041t1046t1048t1055t1057t1059t1059.004t1059.005t1059.007t1065t1068t1071t1071.001t1076t1078t1083t1110t1110.001t1110.002t1110.003t1133t1190t1203t1204t1210t1486t1496t1499.001t1499.002t1499.003t1539t1562t1563t1565t1566t1583t1588t1589t1595t1595.001t1595.002t1595.003tannertanner interactiontelnet threatthreat actorthreat intelligencetpotceunauthorized accessunauthorized access attemptunauthorized login attemptsv2web attackweb exploitationxml

Activity Timeline

1 total obs
Oct 3Oct 3

Threat Activity Heatmap

· Peak: 2025-10-03
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
54
SIGNAL
Signal Score
54%
Confidence
4
Reports
First seenFeb 3, 2024
Last seenOct 3, 2025
GeolocationDE
CountryGermany
LocationFrankfurt am Main, Hesse
ASNAS213893
OrgVecna Hosting Limited
Coords50.1109, 8.6821
Proxy

VirusTotal

Not checked

WHOIS

description
2024-12-12T01:59:51.526Z Honeypot : Ciscoasa : Source: 79.110.62.8 : Message: {'timestamp': '2024-12-12T01:59:51.526265', 'src_ip': '79.110.62.8', 'payload_printable': '"POST /+webvpn+/index.html HTTP/1.1" 200 -'}

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 8 months ago
Appeared in 4 threat reports