IOC Radar
IPMediumSignal 65/100

80.24.47.189

Location
SpainSpain
Madrid, Madrid, Comunidad de
ASN
AS3352
RIMA (Red IP Multi Acceso)
First Seen
Jun 25, 2023
Last Seen
Apr 18, 2026
Jun 25
First Seen
1083d ago
Apr 18
Last Seen
56d ago
15
Reports
source reports
65%
Confidence
medium
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

31 techniques

Network Information

CountryESSpain
RegionMadrid, Madrid, Comunidad de
ASNAS3352
OrganizationRIMA (Red IP Multi Acceso)

Feed Intelligence Summary

15 reports65% confidence
15
Source reports
65%
Confidence score
Category tags
aaaaabuseabuseipdbactive scanactive scanningaheadattackauto-generated securityazurebad reputationbelgiumbotnetbotnet activitybrute forcebrute force attackcloud infrastructurecommand and controlcredential accesscredential stuffingctadata exfiltrationdata store exposuredistributed attacksdns attackdoctype htmleliteeuropeexploitationexploitation activityglobalgooglebotgooglebot indexheng technologyholdinghonk gonkhrefhttpsidentity & access exploitationimapimap attackindicatorinjection activityipv6 spfjsc ertelecomjsc ertelecom holdinglateral movementlayer protocolmajoritmalicious activitymalicious softwaremalwaremetamitre attackmotherlessnetworknetwork infonetwork probingnetwork scanningnextoverview zenboxpassword attackspaysperforms dnsphishingprocess injectionprocesses extraransomwarereconnaissanceremote accessremote servicesresearchedrta descriptionrusserussian ipscannerscriptsign-in logssmtpsmtp attackerspainssh attackt1021.001t1027t1047t1055t1055 processt1059t1068t1071t1071.001t1076t1078t1095t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1213t1486t1496t1499.002t1499.003t1539t1555t1563t1565t1573t1595.001t1595.002t1595.003threat actortitletor nodetrackertxt vdmarc1verdictz233

Activity Timeline

1 total obs
Apr 18Apr 18

Threat Activity Heatmap

· Peak: 2026-04-18
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
15
Reports
First seenJun 25, 2023
Last seenApr 18, 2026
GeolocationES
CountrySpain
LocationMadrid, Madrid, Comunidad de
ASNAS3352
OrgRIMA (Red IP Multi Acceso)
Coords40.4163, -3.6934

VirusTotal

Not checked

WHOIS

description
The full text of the RMA-tde.net report has been published, and the results are expected to be published in the next few days, as well as the full set of words.
raw
inetnum: 80.24.0.0 - 80.24.255.255 netname: RIMA descr: Red de servicios IP country: ES admin-c: ATdE1-RIPE tech-c: TTdE1-RIPE status: ASSIGNED PA mnt-by: MAINT-AS3352 created: 2015-01-21T07:41:17Z last-modified: 2016-04-22T09:30:51Z source: RIPE # Filtered role: Administradores Telefonica de Espana address: Ronda de la Comunicacion s/n address: Edificio Norte 1, planta 6 address: 28050 Madrid address: SPAIN org: ORG-TDE1-RIPE admin-c: KIX1-RIPE tech-c: TTDE1-RIPE nic-hdl: ATDE1-RIPE mnt-by: MAINT-AS3352 abuse-mailbox: [email protected] created: 2006-01-18T12:24:41Z last-modified: 2018-09-18T10:36:42Z source: RIPE # Filtered role: Tecnicos Telefonica de Espana address: Ronda de la Comunicacion S/N address: 28050-MADRID address: SPAIN org: ORG-TDE1-RIPE admin-c: TTE2-RIPE tech-c: TTE2-RIPE nic-hdl: TTdE1-RIPE mnt-by: MAINT-AS3352 abuse-mailbox: [email protected] created: 2006-01-18T12:39:59Z last-modified: 2018-09-18T12:08:51Z source: RIPE # Filtered route: 80.24.0.0/16 descr: RIMA (Red IP Multi Acceso) origin: AS3352 mnt-by: MAINT-AS3352 created: 2005-07-21T12:32:14Z last-modified: 2009-08-19T06:59:24Z source: RIPE
references
https://vtbehaviour.commondatastorage.googleapis.com/22e702fc31752b1ff0ca59efb58d943282dff34b9e8ce61867d8c831b0d8de35_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776480788&Signature=GKnoamXxZLyFfntMDXBWi2gnSzHRWJJRZPaofPOvzgQF6ygdQKEJpX4eJ2AASUeDQ3L4AO7Os%2FgNOl0CeG5%2FN9aVgljvd3WBiA8ZTwba5tFflRJKWcwOA5l4osDG6BDtNNiE8hqlOPhwMa4lIHfx8LNSu8B%2Fbm0n7Y28iDLdwSs9GCpFCVriebOwI1VNCU3BxzR0lKHa1DH6ijmLa6nxX4TOwNTZ47Os2KLel2k0E0K7sedhXKjWD1rz, https://vtbehaviour.commondatastorage.googleapis.com/22e702fc31752b1ff0ca59efb58d943282dff34b9e8ce61867d8c831b0d8de35_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776480900&Signature=juTMRwWs%2FTJqrDMvBJfYmPzSfXx4a%2F31AjChMKGg%2FigOb2ayCytmhgn%2FfGStvobwbbyL9t1dHYxFX0QZz%2F4zM3vebhPQPBm0BElUabRpjfY6q01wMlTu3q5T5uw1sSchvwR7n0H4t%2FnoMPiFRXns84ZWvQeTTNJYKtg5P29B6CE%2BbXfGQ%2FTKhS9ZR8bI09EyLS2y3Ob3boKLMZ4MNvq6nLIHO2373XOpgfJhsBQej6xZ8%2BlIe0T4, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 1 month ago
Appeared in 15 threat reports