IOC Radar
IPMediumSignal 36/100

85.209.48.139

Location
GermanyGermany
Nuremberg, Baden-Wurttemberg
ASN
AS197540
netcup GmbH
First Seen
Jan 28, 2026
Last Seen
May 17, 2026
Jan 28
First Seen
145d ago
May 17
Last Seen
37d ago
5
Reports
source reports
36%
Confidence
medium
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryDEGermany
RegionNuremberg, Baden-Wurttemberg
ASNAS197540
Organizationnetcup GmbH

Feed Intelligence Summary

5 reports36% confidence
5
Source reports
36%
Confidence score
Category tags
auto-generated securitydeeuropegermanyindicatormalwaremastodon-benignnetworkresearchedverified-benign

Activity Timeline

1 total obs
May 17May 17

Threat Activity Heatmap

· Peak: 2026-05-17
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
5
Reports
First seenJan 28, 2026
Last seenMay 17, 2026
GeolocationDE
CountryGermany
LocationNuremberg, Baden-Wurttemberg
ASNAS197540
Orgnetcup GmbH
Coords49.4527, 11.0783

VirusTotal

Not checked

WHOIS

description
Imported indicator
raw
inetnum: 85.209.48.0 - 85.209.49.255 netname: DE-NETCUP-SERVER country: DE org: ORG-nG51-RIPE admin-c: OW699-RIPE tech-c: OW699-RIPE status: ASSIGNED PA mnt-by: NETCUP-MNT mnt-lower: NETCUP-MNT mnt-routes: NETCUP-MNT created: 2020-04-02T14:09:42Z last-modified: 2020-04-02T14:09:42Z source: RIPE remarks: INFRA-AW organisation: ORG-nG51-RIPE org-name: netcup GmbH country: DE org-type: LIR address: Emmy-Noether-Stra�e-10 address: 76131 address: Karlsruhe address: GERMANY phone: +4972175407550 fax-no: +4972175407559 reg-nr: District court Mannheim HRB 705547 admin-c: OW395-RIPE abuse-c: NA4042-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: NETCUP-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: NETCUP-MNT created: 2010-11-03T10:05:19Z last-modified: 2026-04-29T05:03:29Z source: RIPE # Filtered person: Oliver Werner address: Daimlerstr. 25 address: 76185 address: Karlsruhe address: GERMANY phone: +4972175407550 nic-hdl: OW699-RIPE mnt-by: NETCUP-MNT created: 2019-01-22T15:42:52Z last-modified: 2019-01-22T15:42:53Z source: RIPE route: 85.209.48.0/22 origin: AS197540 mnt-by: NETCUP-MNT created: 2019-02-26T10:42:11Z last-modified: 2019-02-26T10:42:11Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 months ago · Last seen 1 month ago
Appeared in 5 threat reports