IOC Radar
IP · Medium · Signal 50/100

79.133.51.126

Location: Germany, Frankfurt am Main, Bayern
ASN: AS214036 (UltaHost Inc)
First Seen: Jul 12, 2023 (1066d ago)
Last Seen: Apr 5, 2026 (69d ago)
Reports: 14 source reports
Confidence: 50% (medium)
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 50%
Signal Score: 50 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 31 techniques

Network Information

Country: DE (Germany)
Region: Frankfurt am Main, Bayern
ASN: AS214036
Organization: UltaHost Inc

Feed Intelligence Summary

Source reports: 14
Confidence score: 50%
Category tags: active scan, adversary simulation tool, apt, beacon, beaconing activity, botnet, botnet activity, brute force, c2, c2 framework, cobaltstrike, command & control, command and control, credential harvesting, credential stuffing, data exfiltration, data store exposure, de, distributed attacks, europe, exploitation activity, germany, identity & access exploitation, indicator, infrastructure acquisitionreconnaissance, injection activity, lateral movement, lateral movement techniques, malicious software, malware, manual, network, payload deployment, payload generation, penetration testing tool, phishing, phishing attack, post-exploitation, post-exploitation activities, process injection, ransomware, researched, social engineering, t1003, t1016, t1018, t1027, t1041, t1047, t1055, t1059, t1059.001, t1071, t1071.001, t1078, t1083, t1090, t1090.001, t1105, t1190, t1210, t1486, t1496, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1567, t1573, t1573.001, t1587.001, t1590.001, threat actor, tor node

Activity Timeline

1 total obs · Apr 5

Threat Activity Heatmap

Peak: 2026-04-05
[Heatmap: activity by weekday, Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 50
Confidence: 50%
Reports: 14
First seen: Jul 12, 2023
Last seen: Apr 5, 2026
Geolocation: DE
Country: Germany
Location: Frankfurt am Main, Bayern
ASN: AS214036
Org: UltaHost Inc
Coords: 48.1374, 11.5755

VirusTotal

Not checked

WHOIS

inetnum: 79.133.51.0 - 79.133.51.255
netname: DE-FIRSTCOLO
remarks: Customer Assignment
country: DE
admin-c: COLO-RIPE
tech-c: COLO-RIPE
abuse-c: COLO-RIPE
mnt-by: ACCELERATED-MNT
created: 2022-09-30T07:30:28Z
last-modified: 2024-05-17T20:13:08Z
source: RIPE
status: ASSIGNED PA

role: First Colo Ripe Coordination
address: First Colo GmbH
address: Hanauer Landstr. 291b
address: D-60314 Frankfurt am Main
address: Germany
phone: +49-(0)69-120069-0
fax-no: +49-(0)69-120069-55
abuse-mailbox: [email protected]
remarks:
remarks: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
remarks: * Complaints about internet abuse like spam, hack attacks, scans, etc. *
remarks: * please mail to: --> abuse [@] first-colo [.] net <-- *
remarks: * Requests from law enforcement (only!), send fax to: +49 (0) 69 1200 69 55 *
remarks: * Inquiries can only be processed, if sent to the correct address. *
remarks: * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
remarks:
admin-c: LEKR-RIPE
admin-c: NKA-RIPE
tech-c: LEKR-RIPE
tech-c: NKA-RIPE
nic-hdl: COLO-RIPE
mnt-by: MNT-FIRSTCOLO
created: 2007-09-28T19:01:39Z
last-modified: 2021-01-27T12:48:26Z
source: RIPE # Filtered

route: 79.133.32.0/19
descr: First Colo via AS44066
origin: AS44066
mnt-by: MNT-FIRSTCOLO
created: 2007-11-30T08:52:47Z
last-modified: 2007-11-30T08:54:23Z
source: RIPE
references
https://threatfox.abuse.ch/export/csv/recent/

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 14 threat reports