IOC Radar
IP · Medium · Signal 78/100

85.215.217.242

Location: Frankfurt am Main, Hesse, Germany
ASN: AS8560 (De Ber Ionos Cloud Txl)
First Seen: May 15, 2025 (408d ago)
Last Seen: Jan 31, 2026 (147d ago)
Reports: 6 source reports
Confidence: 78% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 78%
Signal Score: 78 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

29 techniques

Network Information

Country: DE (Germany)
Region: Frankfurt am Main, Hesse
ASN: AS8560
Organization: De Ber Ionos Cloud Txl

Feed Intelligence Summary

Source reports: 6
Confidence score: 78%
Category tags
active scanning, botnet, brute force, brute force attack, command and control, credential access, credential stuffing, data exfiltration, ddos, denial of service, distributed attacks, europe, exploit attempts, ftp brute force, germany, http brute force, indicator, lateral movement, malicious software, malware, malware propagation, malware scanning, network, network probing, network scanning, password attacks, process injection, reconnaissance, remote access, remote services, researched, scanner, smtp brute force, sql injection attempts, ssh attack, t1021, t1021.001, t1046, t1055, t1059, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1210, t1486, t1496, t1499.002, t1499.003, t1563, t1565, t1588, t1595, t1595.001, t1595.002, t1595.003

Activity Timeline

1 total obs · Jan 31

Threat Activity Heatmap

Peak: 2026-01-31
[Heatmap: activity per day, weekday rows, months Jun to Jun, scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Threat Score: High Risk
Signal Score: 78
Confidence: 78%
Reports: 6
First seen: May 15, 2025
Last seen: Jan 31, 2026
Geolocation: DE
Country: Germany
Location: Frankfurt am Main, Hesse
ASN: AS8560
Org: De Ber Ionos Cloud Txl
Coords: 51.2993, 9.4910

VirusTotal

Not checked

WHOIS

inetnum: 85.215.216.0 - 85.215.223.255
netname: de-ber-ionos-cloud-txl
descr: IONOS SE
country: DE
admin-c: IPAD-RIPE
tech-c: IPOP-RIPE
abuse-c: PBHM-RIPE
status: ASSIGNED PA
mnt-by: AS8560-MNT
created: 2024-11-21T17:03:30Z
last-modified: 2024-11-21T17:03:30Z
source: RIPE # Filtered

role: IP Administration
address: IONOS SE
admin-c: JR2342-RIPE
admin-c: SH15342-RIPE
tech-c: JR2342-RIPE
tech-c: SH15342-RIPE
mnt-ref: AS8560-MNT
nic-hdl: IPAD-RIPE
abuse-mailbox: [email protected]
mnt-by: AS8560-MNT
created: 2009-05-20T17:24:09Z
last-modified: 2024-08-06T14:19:45Z
source: RIPE # Filtered

role: IP Operations
address: IONOS SE
admin-c: JR2342-RIPE
admin-c: SH15342-RIPE
tech-c: JR2342-RIPE
tech-c: SH15342-RIPE
mnt-ref: AS8560-MNT
nic-hdl: IPOP-RIPE
abuse-mailbox: [email protected]
mnt-by: AS8560-MNT
created: 2009-05-28T16:25:04Z
last-modified: 2024-08-06T14:19:08Z
source: RIPE # Filtered

route: 85.215.128.0/17
descr: IONOS SE ber.de
origin: AS8560
mnt-by: AS8560-MNT
created: 2024-02-01T10:20:15Z
last-modified: 2024-02-01T10:20:15Z
source: RIPE # Filtered

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 6 threat reports