IOC Radar
IPHighVerifiedSignal 38/100

109.61.38.38

Location
HungaryHungary
Szeged, Bern
ASN
AS199524
Dravanet
First Seen
Jul 10, 2025
Last Seen
May 26, 2026
Jul 10
First Seen
336d ago
May 26
Last Seen
15d ago
5
Reports
source reports
38%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
38%
Signal Score
38 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

32 techniques

Network Information

CountryHUHungary
RegionSzeged, Bern
ASNAS199524
OrganizationDravanet

Feed Intelligence Summary

5 reports38% confidence
5
Source reports
38%
Confidence score
Category tags
active scanactive scanningbotnetbotnet activitybotnet infectionbrute forcec2c2 communicationchcommand & controlcommand and controlcommunication protocolcompromised hostcredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attackdenial of servicedistributed attackseuropeexploitation activityftpftp brute forcehackinghttp scannerhttp scanningidentity & access exploitationindicatorindicators of compromiseinjection activityintrusion detectionirclateral movementlumalicious network trafficmalicious softwaremalwaremalware distributionnetworknetwork attacksnetwork protocolnetwork scanningnetwork securityprocess injectionprotocol exploitationreconnaissanceresearchedscannerscanning activitysmtpssh attackt1005t1016t1018t1021t1036t1040t1043t1046t1053t1055t1059t1071t1071.001t1078t1083t1090t1105t1106t1110.002t1133t1190t1486t1496t1497t1499.001t1499.002t1499.003t1565t1571t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencetor nodeweb traffic

Activity Timeline

1 total obs
May 26May 26

Threat Activity Heatmap

· Peak: 2026-05-26
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address, has been identified with a score of 37.55, signaling its potential involvement in malicious activities. The presence of this IOC within an organizational environment could indicate ongoing reconnaissance, attempted unauthorized access, or the staging of more severe attacks. Its association with various MITRE ATT&CK techniques, including network scanning, remote system discovery, command execution, and ingress tool transfer, underscores the bro…

Threat ScoreLow Risk
38
SIGNAL
Signal Score
38%
Confidence
5
Reports
First seenJul 10, 2025
Last seenMay 26, 2026
Verified IOC
GeolocationHU
CountryHungary
LocationSzeged, Bern
ASNAS199524
OrgDravanet
Coords46.2272, 20.1062

VirusTotal

Not checked

WHOIS

raw
inetnum: 109.61.32.0 - 109.61.47.255 netname: LU-GCORELABS-20091216 country: CH org: ORG-WIG6-RIPE admin-c: LA5122-RIPE tech-c: LA5122-RIPE status: ALLOCATED PA mnt-by: GCL1-MNT mnt-by: RIPE-NCC-HM-MNT created: 2024-02-09T14:12:32Z last-modified: 2024-05-06T10:38:38Z source: RIPE organisation: ORG-WIG6-RIPE org-name: G-Core Labs S.A. country: LU org-type: LIR address: 2-4, rue Edmond Reuter address: L-5326 address: Contern address: LUXEMBOURG phone: +375293666245 abuse-c: AC23417-RIPE mnt-ref: GCL1-MNT mnt-ref: RIPE-NCC-HM-MNT mnt-by: GCL1-MNT mnt-by: RIPE-NCC-HM-MNT created: 2012-12-05T13:21:56Z last-modified: 2023-08-02T08:17:23Z source: RIPE # Filtered person: LIR Admin address: G-Core Labs S.A. address: 2 Rue Edmond Reuter address: 5326 Contern phone: +35220880507 nic-hdl: LA5122-RIPE mnt-by: GCL1-MNT created: 2012-12-05T15:05:34Z last-modified: 2023-07-17T19:38:48Z source: RIPE # Filtered route: 109.61.38.0/24 descr: GCL-109-61-38-0-24 origin: AS199524 mnt-by: GCL1-MNT created: 2024-10-15T07:01:14Z last-modified: 2024-10-15T07:01:14Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 11 months ago · Last seen 15 days ago
Appeared in 5 threat reports