IOC Radar
IPMediumSignal 71/100

91.130.24.183

Location
SwedenSweden
Yngsjö, Skåne
ASN
AS1257
Tele2 AB
First Seen
Apr 15, 2026
Last Seen
May 30, 2026
Apr 15
First Seen
53d ago
May 30
Last Seen
8d ago
7
Reports
source reports
71%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountrySESweden
RegionYngsjö, Skåne
ASNAS1257
OrganizationTele2 AB

Feed Intelligence Summary

7 reports71% confidence
7
Source reports
71%
Confidence score
Category tags
abuseabusech-urlhaus-c2cactive scanarcarmarm5arm6arm7asciibackdoorbad reputationbase64-loaderboatnetbotbotnetbotnet activityc2castleratcnccobaltstrikecoinminercommand & controlcryptocurrencyddosddos attacksdropped-by-amadeydropped-by-gcleanerelfencodedencryptioneuropeexeexecutable fileexploitation activitygafgytgithubgolanggotoresolveguloaderhackinghajimehtai468i686indicatorinfostealerinternet of thingsiot botnetiot securityiot targetediot/ics attackisokemo828kimsukyloaderlodalodaratluam68kmalwaremassloggermemzmipsmips.miraimirai botnetmozimpslmsinetworkopendirphantomgatephantomstealerpowerpcpowershellppcps1purecrypterpureratqbotransomwareratremcosratresearchedrev-base64-loaderrmmrustystealersaint helena, ascension and tristan da cunhasalatstealersantastealerscams & fraudscannersesmartloadersparcspcstealersuperhswedent1071.001t1496t1499.002threat actortor nodeua-mshtaua-wgetvidarvipkeyloggerweb app attackx86x86-64x86_64xwormzigclipperzip

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
7
Reports
First seenApr 15, 2026
Last seenMay 30, 2026
GeolocationSE
CountrySweden
LocationYngsjö, Skåne
ASNAS1257
OrgTele2 AB
Coords55.8811, 14.2424

VirusTotal

Not checked

WHOIS

raw
inetnum: 91.130.0.0 - 91.130.63.255 netname: TELE2 descr: In case of improper use, please mail <[email protected]> country: SE geoloc: 59.355596110016315 18.0615234375 language: SE admin-c: SWIP-RIPE tech-c: SWIP-RIPE status: ASSIGNED PA mnt-by: SWIPNET-LIR-MNT mnt-lower: SWIPNET-LIR-MNT mnt-routes: COMHEM-MNT created: 2021-01-19T06:59:44Z last-modified: 2021-05-04T09:58:50Z source: RIPE role: Swipnet Staff address: Tele2 AB/Swedish IP Network address: IP Registry address: Torshamnsgatan 17 164 40 Kista SWEDEN fax-no: +46 8 5626 42 10 abuse-mailbox: [email protected] remarks: The database object describes the staff of SWIPNET LIR. admin-c: ROSI3-RIPE admin-c: TH6544-RIPE tech-c: ROSI3-RIPE tech-c: TH6544-RIPE nic-hdl: SWIP-RIPE mnt-by: SWIPNET-LIR-MNT created: 2002-03-21T14:25:04Z last-modified: 2022-11-23T10:36:53Z source: RIPE # Filtered route: 91.130.0.0/18 origin: AS1257 mnt-by: AS1257-MNT created: 2021-07-13T10:14:08Z last-modified: 2021-07-13T10:14:08Z source: RIPE route: 91.130.0.0/18 origin: AS39651 mnt-by: COMHEM-MNT created: 2021-01-19T12:16:45Z last-modified: 2021-01-19T12:16:45Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 month ago · Last seen 8 days ago
Appeared in 7 threat reports