IOC Radar
IP · Medium · Signal 41/100

185.25.117.24

Location
Ukraine
Kyiv, Kyiv
ASN
AS200000
new Hosting
First Seen
Jun 29, 2025 (363d ago)
Last Seen
May 6, 2026 (52d ago)
13
Reports
source reports
41%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
41%
Signal Score
41 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

22 techniques

Network Information

Country
Ukraine (UA)
Region
Kyiv, Kyiv
ASN
AS200000
Organization
new Hosting

Feed Intelligence Summary

13 source reports
41% confidence score
Category tags
abuse, active scan, active scanning, attack, authentication attack, automated threat, bad reputation, botnet, botnet activity, brute force, brute force attack, command and control, credential access, credential stuffing, data exfiltration, data store exposure, distributed attacks, europe, exploitation activity, ftp brute force, identity & access exploitation, indicator, injection activity, login attack, login attempts, malicious activity, malicious software, malware, network, network intrusion, network scanning, password attack, password attacks, process injection, ransomware, reconnaissance, remote access attack, researched, scanner, security operations, socradar honeypot, ssh attack, t1021, t1046, t1055, t1059, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, tcp scan, threat actor, threat intelligence, udp scan, ukraine, unauthorized access, united kingdom

Activity Timeline

1 total obs
May 6 - May 6

Threat Activity Heatmap

Peak: 2026-05-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Geolocation
UA
Country
Ukraine
Location
Kyiv, Kyiv
ASN
AS200000
Org
new Hosting
Coords
50.4490, 30.4245

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum:        185.25.116.0 - 185.25.117.255
netname:        HUL6-Network
descr:          Hosting Ukraine infrastructure network
country:        UA
status:         ASSIGNED PA
remarks:        * For spam/abuse/security issues please contact
remarks:        * [email protected]
remarks:        * The contents of your abuse email will be
remarks:        * forwarded directly on to our client for
remarks:        * handling.
admin-c:        HU2012-RIPE
tech-c:         HU2012-RIPE
mnt-by:         HOSTINGUKRAINE-MNT
created:        2013-05-21T10:02:15Z
last-modified:  2013-10-03T09:00:43Z
source:         RIPE

role:           Hosting Ukraine Ltd. Netmaster
org:            ORG-HUL6-RIPE
address:        Hosting Ukraine LTD
address:        PO Box 65
phone:          +380443927433
address:        04112, Kiev, Ukraine
admin-c:        IR1628-RIPE
abuse-mailbox:  [email protected]
nic-hdl:        HU2012-RIPE
mnt-by:         HOSTINGUKRAINE-MNT
created:        2013-04-18T07:53:53Z
last-modified:  2018-08-13T08:44:09Z
source:         RIPE # Filtered

route:          185.25.116.0/22
descr:          new route Hosting-185.25.116
origin:         AS200000
mnt-by:         HOSTINGUKRAINE-MNT
created:        2014-07-23T12:06:25Z
last-modified:  2014-07-23T12:06:25Z
source:         RIPE


IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 13 threat reports