IOC Radar
IPLowSignal 27/100

193.108.117.89

Location
GermanyGermany
Frankfurt, Hesse
ASN
AS63023
GlobalTeleHost Corp.
First Seen
Apr 14, 2021
Last Seen
May 12, 2026
Apr 14
First Seen
1886d ago
May 12
Last Seen
32d ago
6
Reports
source reports
27%
Confidence
low
0/91
VirusTotal
detections
Found in 6 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountryDEGermany
RegionFrankfurt, Hesse
ASNAS63023
OrganizationGlobalTeleHost Corp.

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

6 reports27% confidence
6
Source reports
27%
Confidence score
Category tags
active scanactive scanningddosddos attackdeeuropegermanynetworkopen proxyproxyreconnaissanceresearchedscannerspamt1595.001t1595.002t1595.003vpn

Activity Timeline

1 total obs
May 12May 12

Threat Activity Heatmap

· Peak: 2026-05-12
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address `193.108.117.89`, carries significant weight due to its consistent presence across multiple reputable threat intelligence feeds, including AbuseIPDB and SOCRadar Threat Exchange Services. Its classification with a score above 25 and explicit non-whitelisted status underscores its likely involvement in malicious or abusive network activities. Analysis reveals strong associations with numerous Android application files (.apk), suggesting it may s…

Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
6
Reports
First seenApr 14, 2021
Last seenMay 12, 2026
GeolocationDE
CountryGermany
LocationFrankfurt, Hesse
ASNAS63023
OrgGlobalTeleHost Corp.
Coords50.1109, 8.6821
ProxyVPN

VirusTotal

0/ 91vendors flagged
0% detection rateJun 3, 2026

WHOIS

raw
inetnum: 193.108.116.0 - 193.108.119.255 netname: GLOBALTELEHOST country: DE org: ORG-GC119-RIPE admin-c: KT2051-RIPE tech-c: SC19442-RIPE abuse-c: AC43642-RIPE mnt-by: GTH-MNT status: ASSIGNED PI mnt-by: RIPE-NCC-END-MNT created: 1970-01-01T00:00:00Z last-modified: 2024-06-22T17:46:34Z source: RIPE sponsoring-org: ORG-ML410-RIPE organisation: ORG-GC119-RIPE org-name: GlobalTeleHost Corp. country: CA org-type: OTHER address: 95 Mural Street, 6th Floor, L4B 3G2, address: Richmond Hill, ON, Canada. abuse-c: AC43642-RIPE mnt-ref: GTH-MNT mnt-by: GTH-MNT created: 2017-04-11T18:57:17Z last-modified: 2024-06-27T15:56:04Z source: RIPE # Filtered person: Kolesnik Taras address: Kyiv, Olesya Gonchara str., 52, of. 159 phone: +38(044)2812302 nic-hdl: KT2051-RIPE mnt-by: TELEFAX-MNT created: 2012-06-28T15:37:24Z last-modified: 2017-09-29T07:07:17Z source: RIPE # Filtered person: Sergii Chernyshov address: 95 Mural Street, 6th Floor, L4B 3G2, Richmond Hill, ON, Canada phone: +1 905 549 9959 nic-hdl: SC19442-RIPE mnt-by: GTH-MNT created: 2017-06-28T08:55:38Z last-modified: 2017-06-28T08:55:38Z source: RIPE route: 193.108.117.0/24 origin: AS63023 mnt-by: GTH-MNT created: 2023-03-02T11:57:45Z last-modified: 2023-03-02T11:57:45Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

low
First detected 5 years ago · Last seen 1 month ago
Appeared in 6 threat reports