IOC Radar
IP · Medium · Signal 85/100

82.165.247.100

Location: Essen, North Rhine-Westphalia, Germany
ASN: AS8560 (De Rhr Bap Ngcs Public)
First Seen: Apr 6, 2026 (76d ago)
Last Seen: Jun 11, 2026 (11d ago)
Reports: 14 source reports
Confidence: 85% (medium)
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 85%
Signal Score: 85 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

26 techniques

Network Information

Country: DE (Germany)
Region: Essen, North Rhine-Westphalia
ASN: AS8560
Organization: De Rhr Bap Ngcs Public

Feed Intelligence Summary

14 source reports, 85% confidence score
Category tags
abuse, access control, account compromise, active scan, active scanning, attack, bad reputation, bad web bot, blocklist, blog spam, botnet, botnet activity, brute force, brute force attack, brute-force, bruteforce, civil services, cloud infrastructure, cloud infrastructure attack, cloud services, command and control, command execution, cowrie honeypot, credential access, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, database security, ddos, ddos attack, de, decoy system, denial of service, dhcp, digital ocean, dionaea honeypot, distributed attacks, elasticsearch, encryption, europe, exploit, exploitation activity, exploited host, fatt, fraud orders, ftp, ftp brute-force, germany, government technology, hacking, honeytrap honeypot, identity & access exploitation, imap, indicator, information gathering, information technology, injection activity, injection attacks, iot security, iot targeted, it infrastructure, lateral movement, ldap, mailoney honeypot, malicious activity, malicious ip, malware, malware behaviour, malware capture, mirai, mssql, network, network monitoring, network protocol, network scanning, network security, ntp, oracle, p0f, password attacks, phishing, phishing attack, phishing trap, ping of death, portscan, protocol exploitation, public administration, public infrastructure, public policy, ransomware, reconnaissance, regulatory agencies, remote access, remote services, researched, resource hijacking, scams & fraud, scan, scanner, scanners, security policy, sensor-tagged, sentrypeer botnet, server exploitation, service scan, social engineering, socks5, socradar honeypot, software development, spam, sql injection, ssh, ssh attack, ssh monitoring, t1021.001, t1021.002, t1040, t1059.003, t1059.005, t1071.001, t1077, t1078, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1566.001, t1566.002, t1566.003, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp, telnet, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tpot, vnc protocol, voip attack, vulnerability scan, vulnerability-exploitation, vultr, web app attack, web application attack, web exploitation, web spam

Activity Timeline

1 total obs (Jun 11)

Threat Activity Heatmap

Peak: 2026-06-11
[Heatmap figure: weekday rows by month, June through the following June]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 85 (High Risk)
Coords: 51.4576, 7.0225

VirusTotal

Not checked

WHOIS

description
Score: 95/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:port-scan, abuseipdb:reported. Attacker IP 82.165.247.100 observed using HTTP client fingerprint 'HTTP Client: libredtail-http' 39 times when connecting to db1lapetro between 2026-04-07 13:28 and 2026-04-07 13:28 UTC.


IOC Journey

medium
First detected 2 months ago · Last seen 11 days ago
Appeared in 14 threat reports