IOC Radar
IP · Medium · Signal 100/100

185.36.81.140

Location: Kaunas, Kaunas, Lithuania
ASN: AS209605 (SERVEROFFER LT)
First Seen: Nov 9, 2023 (961d ago)
Last Seen: Aug 5, 2025 (325d ago)
Reports: 17 source reports
Confidence: 99% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

39 techniques

Network Information

Country: LT (Lithuania)
Region: Kaunas, Kaunas
ASN: AS209605
Organization: SERVEROFFER LT

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 17
Confidence score: 99%
Category tags: abuse, active scanning, attack, botnet, brute force, brute force attack, brute force attacks, citrix exploitation attempts, citrix security, command and control, cowrie honeypot, credential access, credential stuffing, data exfiltration, database exploitation, decoy system, dionaea honeypot, distributed attacks, enterprise security, exploitation of privilege, ftp brute force, honeytrap honeypot, http brute force, lamp, lamp attack, lamp exploitation, lateral movement, malicious activity, malicious payload, malicious software, malware, malware behaviour, malware capture, network, network enumeration, network intrusion attempts, network reconnaissance, network scanning, network security, password attacks, potential botnet activity, process injection, protocol exploitation, proxy, reconnaissance, reconnaissance activity, remote access, remote services, researched, scanner, sftp access attempts, sftp attack, smtp brute force, socradar honeypot, ssh attack, ssh monitoring, t1018, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1068, t1071.001, t1076, t1078, t1078.001, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1203, t1204.002, t1486, t1496, t1499.002, t1499.003, t1563, t1565, t1566.001, t1588, t1589, t1595, t1595.001, t1595.002, t1595.003, tanner, telnet threat, threat actor, threat detection, threat intelligence, unauthorized access attempt, unauthorized access attempts, united states, web application attacks, web server exploitation

Activity Timeline

1 total obs (Aug 5 to Aug 5)

Threat Activity Heatmap

Peak: 2025-08-05
[Heatmap: activity by weekday (Mon, Wed, Fri labelled) across Jun to Jun; legend from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 17
First seen: Nov 9, 2023
Last seen: Aug 5, 2025
Geolocation: LT
Country: Lithuania
Location: Kaunas, Kaunas
ASN: AS209605
Org: SERVEROFFER LT
Coords: 54.9048, 23.8958
Proxy

VirusTotal

Not checked

WHOIS

description
2024-11-13T16:46:33.000Z Honeypot : Honeytrap : Source: 185.36.81.140 : Port: 22438 Message: {'payload': {'md5_hash': 'a165e6261ea342c20a71feb834a83bd0', 'sha512_hash': '30f3be86af9ed6fbecb8d062c33ebf386199464b866d6fc8a319d052202736655d983d800ef907fdce793b972a4b33d766218ce8002231e5e9b946fc1cfe2974', 'length': 17, 'data_hex': '5353482d322e302d4f70656e5353480d0a'}, 'protocol': 'tcp'}


IOC Journey

medium
First detected 2 years ago · Last seen 10 months ago
Appeared in 17 threat reports