RST Threat feed. IOC: 172.241.27.204

2020-09-10T00:00:00
ID RST:B6592AB9-4797-3B14-B1FA-9F70CC19C66B
Type rst
Reporter RST Threat Feed
Modified 2020-07-02T00:00:00

Description

Found 172[.]241.27.204 in RST Threat Feed with score 10. First seen: 2020-07-02T03:00:00, Last seen: 2020-09-09T03:00:00. IOC tags: c2. We found that the IOC is used by: cobaltstrike. ASN 394380: (First IP 172.241.24.0, Last IP 172.241.39.255). ASN Name "LEASEWEBUSADAL10" and Organisation "Leaseweb USA Inc". This IP is a part of "leaseweb" address pools. ASN hosts 2056 domains. GEO IP information: City "Dallas", Country "United States". IOC could be a False Positive (Cloud provider IP). https://rstcloud.net/