IOC Radar
IP · Medium · Signal 100/100

193.34.213.150

Location
Poland
Warsaw, Mazovia
ASN
AS201814
SKYTECHNOLOGY
First Seen
Nov 13, 2025 (209d ago)
Last Seen
May 29, 2026 (13d ago)
Reports
22 source reports
Confidence
99% (medium)
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

107 techniques

Network Information

Country: Poland (PL)
Region: Warsaw, Mazovia
ASN: AS201814
Organization: SKYTECHNOLOGY

Feed Intelligence Summary

22
Source reports
99%
Confidence score
Category tags

Activity Timeline

1 total obs
May 29

Threat Activity Heatmap

[Heatmap: daily activity, Jun through Jun; scale Less to More]
Peak: 2026-05-29
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 22
First seen: Nov 13, 2025
Last seen: May 29, 2026
Geolocation: PL
Country: Poland
Location: Warsaw, Mazovia
ASN: AS201814
Org: SKYTECHNOLOGY
Coords: 52.1783, 21.0602

VirusTotal

Not checked

WHOIS

raw
inetnum: 193.34.212.0 - 193.34.215.255
netname: PL-MEV-20100406
remarks:
remarks: --------------------------------------------------------------
remarks: For DMCA or abuse reports, please use our online form:
remarks: https://mevspace.com/abuse-report
remarks:
remarks: Or contact us via email at: [email protected]
remarks:
remarks: Reports submitted through other channels may not be
remarks: processed or acknowledged.
remarks: --------------------------------------------------------------
remarks:
org: ORG-MSZO78-RIPE
country: PL
abuse-c: AR49979-RIPE
admin-c: mevs2-ripe
tech-c: mevs2-ripe
status: ALLOCATED PA
mnt-by: SKYTECH-MNT
mnt-by: RIPE-NCC-HM-MNT
created: 2024-06-25T09:10:00Z
last-modified: 2025-05-13T13:05:46Z
source: RIPE

organisation: ORG-MSZO78-RIPE
org-name: MEVSPACE sp. z o.o.
country: PL
org-type: LIR
address: Augustyna Locciego 33
address: 02-928
address: Warszawa
address: POLAND
phone: +48221004144
admin-c: mevs2-ripe
tech-c: mevs2-ripe
abuse-c: AR49979-RIPE
mnt-ref: SKYTECH-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: SKYTECH-MNT
created: 2018-12-20T08:55:28Z
last-modified: 2023-01-16T12:16:04Z
source: RIPE # Filtered

role: Mevspace Admins
address: MEVSPACE Sp. z o.o.
address: Augustyna Locciego 33
address: 02-928 Warszawa
admin-c: AO3529-RIPE
admin-c: SO4268-RIPE
admin-c: DP17971-RIPE
admin-c: HK7240-RIPE
admin-c: PK10813-RIPE
admin-c: MW12122-RIPE
tech-c: AO3529-RIPE
tech-c: SO4268-RIPE
tech-c: DP17971-RIPE
tech-c: HK7240-RIPE
tech-c: PK10813-RIPE
tech-c: MW12122-RIPE
nic-hdl: mevs2-ripe
mnt-by: SKYTECH-MNT
created: 2022-12-07T13:04:36Z
last-modified: 2026-02-27T12:18:14Z
source: RIPE # Filtered

route: 193.34.212.0/23
descr: SKYTECHNOLOGY
origin: AS201814
mnt-by: SKYTECH-MNT
created: 2024-06-18T07:47:39Z
last-modified: 2024-06-18T07:47:39Z
source: RIPE


IOC Journey

medium
First detected 6 months ago · Last seen 13 days ago
Appeared in 22 threat reports