IOC Radar
IP · Medium · Signal 48/100

217.93.157.252

Location: Bad Salzungen, TH, Germany
ASN: AS3320, Deutsche Telekom AG
First Seen: Apr 15, 2026 (72d ago)
Last Seen: Apr 24, 2026 (64d ago)
Reports: 7 source reports
Confidence: 48% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 48%
Signal Score: 48 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

1 technique

Network Information

Country: DE (Germany)
Region: Bad Salzungen, TH
ASN: AS3320
Organization: Deutsche Telekom AG

Feed Intelligence Summary

Source reports: 7
Confidence score: 48%
Category tags: apt, brute force, credential access, credential stuffing, europe, exploitation activity, germany, identity & access exploitation, indicator, network, researched, ssh attack, t1110.002, threat actor, tor node

Activity Timeline

1 total obs
Apr 24

Threat Activity Heatmap

Peak: 2026-04-24
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 48 (Medium Risk)
Coords: 50.7990, 10.3031

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 217.93.0.0 - 217.94.63.255
netname: DTAG-DIAL19
descr: Deutsche Telekom AG
org: ORG-DTAG1-RIPE
country: DE
admin-c: DTIP
tech-c: DTST
status: ASSIGNED PA
mnt-by: DTAG-NIC
created: 2004-03-15T10:14:15Z
last-modified: 2014-06-18T06:21:39Z
source: RIPE

organisation: ORG-DTAG1-RIPE
org-name: Deutsche Telekom AG
org-type: OTHER
address: Group Information Security, SDA/Abuse
address: Deutsche Telekom Allee 9
address: DE 64295 Darmstadt
remarks: abuse contact in case of Spam, hack attacks, illegal activity, violation, scans, probes, etc.
mnt-ref: DTAG-NIC
mnt-by: DTAG-NIC
abuse-c: DTAG4-RIPE
created: 2014-06-17T11:47:04Z
last-modified: 2021-02-22T13:35:19Z
source: RIPE # Filtered

person: DTAG Global IP-Addressing
address: Deutsche Telekom AG
address: Darmstadt, Germany
phone: +49 180 2 33 1000
nic-hdl: DTIP
mnt-by: DTAG-NIC
created: 2003-01-29T10:22:59Z
last-modified: 2019-05-14T12:55:19Z
source: RIPE # Filtered

person: Security Team
address: Deutsche Telekom AG
address: Darmstadt, Germany
phone: +49 180 2 33 1000
nic-hdl: DTST
mnt-by: DTAG-NIC
created: 2003-01-29T10:31:11Z
last-modified: 2019-05-14T12:56:39Z
source: RIPE # Filtered

route: 217.80.0.0/12
descr: Deutsche Telekom AG, Internet service provider
origin: AS3320
member-of: AS3320:RS-PA-TELEKOM
mnt-by: DTAG-RR
created: 1970-01-01T00:00:00Z
last-modified: 2004-06-15T17:32:53Z
source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

IOC Journey

medium
First detected 2 months ago · Last seen 2 months ago
Appeared in 7 threat reports