{"id": "RST:88AB07E9-D479-3633-A330-BDCCECF682F4", "bulletinFamily": "ioc", "title": "RST Threat feed. IOC: 116.202.23.3", "description": "Found **116[.]202.23.3** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **10**.\n First seen: 2020-09-23T03:00:00, Last seen: 2020-11-15T03:00:00.\n IOC tags: **c2**.\nWe found that the IOC is used by: **emotet**.\nASN 24940: (First IP 116.202.0.0, Last IP 116.203.255.255).\nASN Name \"HETZNERAS\" and Organisation \"\".\nThis IP is a part of \"**hetzner**\" address pools.\nASN hosts 4961102 domains.\nGEO IP information: City \"Aschaffenburg\", Country \"Germany\".\nIOC could be a **False Positive** (Cloud provider IP).\n[https://rstcloud.net/](https://rstcloud.net/)", "published": "2020-11-16T00:00:00", "modified": "2020-09-23T00:00:00", "cvss": {}, "href": "", "reporter": "RST Threat Feed", "references": [], "cvelist": [], "type": "rst", "lastseen": "2020-11-15T00:00:00", "edition": 1, "viewCount": 0, "enchantments": {"vulnersScore": "PENDING"}, "iocType": "ip", "ip": ["116.202.23.3"], "domain": [], "url": [], "iocScore": {"ioc_frequency": 0.46, "ioc_src": 64.84, "ioc_tags": 0.89, "ioc_total": 10.0}, "tags": ["c2"], "fp": {"alarm": "true", "descr": "Cloud provider IP"}, "whois": {}, "geodata": {"city": "Aschaffenburg", "country": "Germany", "region": "Bavaria"}, "asn": {"cloud": "hetzner", "domains": 4961102, "firstip": {"netv4": "116.202.0.0", "num": "1959395328"}, "isp": "HETZNERAS", "lastip": {"netv4": "116.203.255.255", "num": "1959526399"}, "num": 24940, "org": ""}, "threat": ["emotet"]}

{}