IOC Radar
IPMediumSignal 71/100

185.93.204.237

Location
ItalyItaly
Modica, 82
ASN
AS198380
Nova Quadri SAS
First Seen
Mar 13, 2025
Last Seen
Feb 12, 2026
Mar 13
First Seen
455d ago
Feb 12
Last Seen
118d ago
7
Reports
source reports
71%
Confidence
medium
1/91
VirusTotal
detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

27 techniques

Network Information

CountryITItaly
RegionModica, 82
ASNAS198380
OrganizationNova Quadri SAS

Feed Intelligence Summary

7 reports71% confidence
7
Source reports
71%
Confidence score
Category tags
active scanningadbhoney honeypotattackbotnetbrute forcecommand and controlcommunication protocolcompromised credentialscowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata exfiltration attemptsdatabase securitydecoy systemdionaea honeypotdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringeuropeexploitation attemptexploitation attemptsheralding attack patternindicatoritalylateral movementmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware deployment attemptsnetworknetwork scanningnetwork securityphishingphishing attackphishing trapprocess injectionpython script activityreconnaissanceremote accessresearchedresource hijackingscanning activitysentrypeer botnetsftp access attemptsftp attacksip brute forcesocial engineeringspamssh attackssh monitoringt1021t1040t1041t1055t1059t1071.001t1078t1110t1110.002t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1583t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat intelligencevoipvoip attack

Activity Timeline

1 total obs
Feb 12Feb 12

Threat Activity Heatmap

· Peak: 2026-02-12
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
7
Reports
First seenMar 13, 2025
Last seenFeb 12, 2026
GeolocationIT
CountryItaly
LocationModica, 82
ASNAS198380
OrgNova Quadri SAS
Coords36.7801, 14.5522

VirusTotal

1/ 91vendors flagged
1% detection rateJun 8, 2026

WHOIS

description
2025-04-23T04:30:44.342Z Honeypot : Heralding : Source: 185.93.204.237 : Username/Password: ADmIN/111111 Port: 1080 Message: 2025-04-23 04:30:44.342129,efdb866b-8d17-4f9f-95b6-85b2c2e24ce2,f834e383-13b3-48a7-946d-c2b135c4a877,185.93.204.237,41103,99.18.26.18,1080,socks5,ADmIN,111111,
raw
inetnum: 185.93.204.0 - 185.93.205.255 netname: NOVAQUADRI-3 descr: NOVA QUADRI SAS DI OCCHIPINTI VINCENZA & C. descr: Novaquadri Wireless Network country: IT admin-c: OV725-RIPE tech-c: FDB269-RIPE status: ASSIGNED PA mnt-by: MNT-DIGISAT created: 2015-04-01T15:17:29Z last-modified: 2015-04-01T15:17:29Z source: RIPE person: FRANCO DI BENEDETTO address: VIALE QUINDICI 2 address: ZONA INDUSTRIALE 97100 address: RAGUSA (ITALY) phone: +39.0932667666 fax-no: +39.0932667929 nic-hdl: FDB269-RIPE mnt-by: MNT-IRPNET created: 2012-01-03T10:30:45Z last-modified: 2021-08-19T14:18:35Z source: RIPE # Filtered person: OCCHIPINTI VINCENZA address: VIALE QUINDICI 2 address: ZONA INDUSTRIALE 97100 address: RAGUSA (ITALY) phone: +39.0932667666 fax-no: +39.0932667929 nic-hdl: OV725-RIPE mnt-by: MNT-IRPNET created: 2012-01-03T10:29:14Z last-modified: 2012-01-03T10:31:42Z source: RIPE # Filtered route: 185.93.204.0/24 descr: Novaquadri origin: AS198380 mnt-by: MNT-DIGISAT mnt-by: MNT-IRPNET created: 2015-04-01T15:25:10Z last-modified: 2015-04-01T15:25:10Z source: RIPE
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 7 threat reports