IOC Radar
IPMediumSignal 76/100

2.26.80.121

Location
GermanyGermany
Orem, ENG
ASN
AS215439
Ace Data Centers II, LLC
First Seen
May 31, 2026
Last Seen
Jun 4, 2026
May 31
First Seen
14d ago
Jun 4
Last Seen
10d ago
10
Reports
source reports
76%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
76%
Signal Score
76 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

1 techniques

Network Information

CountryDEGermany
RegionOrem, ENG
ASNAS215439
OrganizationAce Data Centers II, LLC

Feed Intelligence Summary

10 reports76% confidence
10
Source reports
76%
Confidence score
Category tags
abuseactive scanaptbad reputationbrute forcecowriededionaeaeuropeexploitation activityexploited hostfattgermanyhackinginbound scanindicatornetworkp0fresearchresearchedscannersensor-taggedssh-brutet1595tannerthreat actortpotunited kingdom

Activity Timeline

1 total obs
Jun 4Jun 4

Threat Activity Heatmap

· Peak: 2026-06-04
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

The IOC score of 75.95 and its "No" whitelist status immediately flag this IPv4 address (2.26.80.121) as a high-severity threat, indicating a significant risk to organizational security. This IP address is strongly associated with malicious reconnaissance activities, specifically active scanning, and has been identified as part of botnet infrastructure through various threat intelligence sources and honeypot observations. If this indicator is detected within an organization's network, it points …

Threat ScoreHigh Risk
76
SIGNAL
Signal Score
76%
Confidence
10
Reports
First seenMay 31, 2026
Last seenJun 4, 2026
GeolocationDE
CountryGermany
LocationOrem, ENG
ASNAS215439
OrgAce Data Centers II, LLC
Coords51.3735, -2.3594

VirusTotal

Not checked

WHOIS

description
Observed making inbound scans on 2026-06-01 01:51:20
raw
inetnum: 2.26.80.0 - 2.26.80.255 netname: PLAY2GO-CUSTOMERS-NETWORK descr: play2go.cloud - Cheap and reliable hosting country: DE geofeed: https://cdn.play2go.cloud/static/geofeed.csv admin-c: SM40399-RIPE tech-c: ACRO55633-RIPE status: ASSIGNED PA created: 2026-04-05T23:53:52Z last-modified: 2026-05-10T19:32:28Z source: RIPE mnt-by: play2go-mnt role: Abuse contact role object address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ abuse-mailbox: [email protected] nic-hdl: ACRO55633-RIPE mnt-by: play2go-mnt created: 2024-02-17T20:37:49Z last-modified: 2024-10-02T15:11:46Z source: RIPE # Filtered person: Kyrylo Harazha address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ phone: +447446979461 nic-hdl: SM40399-RIPE mnt-by: play2go-mnt created: 2024-02-17T20:30:54Z last-modified: 2025-07-05T11:00:23Z source: RIPE # Filtered route: 2.26.80.0/24 origin: AS215439 created: 2026-04-05T22:39:37Z last-modified: 2026-04-05T22:39:37Z source: RIPE mnt-by: play2go-mnt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 14 days ago · Last seen 10 days ago
Appeared in 10 threat reports