IOC Radar
IPMediumSignal 73/100

91.217.249.72

Location
GermanyGermany
Frankfurt am Main, CA
ASN
AS206092
VPN Consumer Frankfurt, Germany
First Seen
May 30, 2024
Last Seen
May 25, 2026
May 30
First Seen
745d ago
May 25
Last Seen
20d ago
18
Reports
source reports
73%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryDEGermany
RegionFrankfurt am Main, CA
ASNAS206092
OrganizationVPN Consumer Frankfurt, Germany

IP Category

VPN
VPN exit node

Feed Intelligence Summary

18 reports73% confidence
18
Source reports
73%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningantispamapacheapache attackerattackauto-generated securitybad reputationbad web botbotnet activitybrute forcebrute force attackbrute-forcecredential accesscredential stuffingddosddos attackdedenial of serviceeuropeexploitation activitygermanyhackingidentity & access exploitationinformation technologyit infrastructurelog4jmalicious activitymalwarenetworknorth americapassword attacksproxyransomwarereconnaissanceresearchedscannersecurity policysocradar honeypotsoftware developmentspamssh attackt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003threat actorthreat preventiontor nodeunited statesvpnweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 25May 25

Threat Activity Heatmap

· Peak: 2026-05-25
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
18
Reports
First seenMay 30, 2024
Last seenMay 25, 2026
GeolocationDE
CountryGermany
LocationFrankfurt am Main, CA
ASNAS206092
OrgVPN Consumer Frankfurt, Germany
Coords34.0729, -118.2606
VPN

VirusTotal

Not checked

WHOIS

raw
inetnum: 91.217.249.0 - 91.217.249.255 netname: FRANKFURT-AM-MAIN-DE-91-217-249-0 country: DE geoloc: 50.1230871 8.6363284 geofeed: https://www.prefixbroker.com/prefixbroker-geofeed.csv org: ORG-VCFG2-RIPE admin-c: VCAR3-RIPE tech-c: VCAR3-RIPE status: ASSIGNED PA mnt-by: PREFIXBROKER-MNT created: 2023-09-25T08:06:59Z last-modified: 2024-05-22T04:22:23Z source: RIPE organisation: ORG-VCFG2-RIPE org-name: VPN Consumer Frankfurt, Germany org-type: OTHER address: Frankfurt, Germany country: DE abuse-c: VCAR3-RIPE mnt-ref: PREFIXBROKER-MNT mnt-by: PREFIXBROKER-MNT created: 2023-12-11T12:09:16Z last-modified: 2024-01-03T08:25:12Z source: RIPE # Filtered role: VPN Consumer Abuse Role address: AZ Business Center address: Avenida Perez Chitre address: Panama, 00395 address: Republica de Panama nic-hdl: VCAR3-RIPE abuse-mailbox: [email protected] mnt-by: PREFIXBROKER-MNT created: 2023-11-22T08:33:27Z last-modified: 2023-11-22T08:33:27Z source: RIPE # Filtered route: 91.217.249.0/24 origin: AS206092 mnt-by: PREFIXBROKER-MNT created: 2024-03-08T05:43:29Z last-modified: 2024-03-08T05:43:29Z source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 20 days ago
Appeared in 18 threat reports