IP · Medium · Signal 100/100
188.172.229.15
Location
Vienna, Vienna
ASN
AS197540
ANX
First Seen
Nov 17, 2023
Last Seen
Jun 6, 2026
Found in 32 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Austria
Region
Vienna, Vienna
ASN
AS197540
Organization
ANX
Feed Intelligence Summary
32 reports · 99% confidence
32
Source reports
99%
Confidence score
Category tags
abuseaccount brute forceactive scanningalienvault_ransomwareattackaustriaauthentication attackauthentication bypassbotnetbrute forcebrute force attackbrute_forcecertcisacisa advisorycode executioncommand and controlcommand executioncommand injectioncommunication protocolcontactcredential accesscredential harvestingcredential stuffingcredential_accesscybercyboxd brokerdbdata exfiltrationdb brokerdb accessdecoy systemdenial of servicedistributed attacksenumerationeuropeexfiltrationexploitation of pgpasswordfileobjftpftp brute forcegogogsbadmin credential compromisehackinghashhasheshttp brute forcehttp scannerimapindicatoringress tool transferinitial accessinstallipv4ivanti connect secureivanti epmmivanti policy securelateral movementlocalmalicious activitymalicious downloadmalicious softwaremalwaremalware distributionmatrixnetworknetwork attacksnetwork intrusionnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork_reconnaissanceobjectpassword attackpassword attackspersistence mechanismspgpasswordpgsqlpwphishingphishing attackprivilege escalationprocess injectionprotocol exploitationpsexecpythonrce vulnerabilityreconnaissanceredacted gsbremote accessremote code executionremote servicesresearchedscannersmallsmb scanningsmtpsmtp brute forcesocial engineeringsoftware exploitationspamssh attackstixstrongsyn scant1003t1003.001t1018t1021t1021.001t1027t1027.003t1040t1046t1053.005t1055t1059t1059.004t1068t1071t1071.001t1076t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1140t1189t1190t1199t1203t1204.002t1210t1219t1486t1496t1499.001t1499.002t1499.003t1505t1505.003t1543.003t1547.001t1548t1550.002t1552t1555.003t1556t1563t1564t1565t1566t1566.001t1566.002t1566.003t1589t1595t1595.001t1595.002t1595.003tcp protocoltcp scantcp scanningtelnet threatthreat actorthreat intelligencetitletoolsu gsbadminudp scanupgradeusweb application attackweb exploitationweb trafficwebshell deploymentzerozero-day vulnerability
Activity Timeline
Jun 6
Threat Activity Heatmap
Peak: 2026-06-06
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat Score
High Risk
Signal Score
100
Confidence
99%
Reports
32
First seen
Nov 17, 2023
Last seen
Jun 6, 2026
Geolocation
AT
Country
Austria
Location
Vienna, Vienna
ASN
AS197540
Org
ANX
Coords
48.1951, 16.3483
VirusTotal
Not checked
WHOIS
- description
- CC=AT ASN=AS197540 netcup GmbH
IOC Journey
Medium · First detected 2 years ago · Last seen 6 days ago
Appeared in 32 threat reports