IOC Radar
IPMediumSignal 67/100

195.164.49.70

Location
PolandPoland
Warsaw, Mazowieckie
ASN
AS8308
NASK
First Seen
Sep 6, 2024
Last Seen
May 29, 2026
Sep 6
First Seen
652d ago
May 29
Last Seen
21d ago
13
Reports
source reports
67%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
67%
Signal Score
67 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

42 techniques

Network Information

CountryPLPoland
RegionWarsaw, Mazowieckie
ASNAS8308
OrganizationNASK

Feed Intelligence Summary

13 reports67% confidence
13
Source reports
67%
Confidence score
Category tags
access attemptsactive scanactive scanningapacheapache camelapache tomcatauthentication attacksbotnetbotnet activitybrute forcebrute force attackbrute_forcecamelcertcode executioncode injectioncode injection vulnerabilitycode segmentcommand and controlcommand executioncommunication protocolcookiecredential accesscredential harvestingcredential stuffingcredential_accessdata exfiltrationdata injectiondata store exposureddosddos attackdenial of servicedistributed attacksenumerationeuropeeurope/asiaexploitexploitation activityexploited hostfigurefirstftphackingheader hijackingheader hijacking attackhttp puthttp requesthttp scanneridentity & access exploitationids alertindicatorinformation technologyinjection activityit infrastructurekill-chain exploitationkill-chain reconnaissancemalicious softwaremalwaremedium-risknask_pl-benignnettynetworknetwork attacksnetwork reconnaissancenetwork scanningnetwork securitynetwork security monitoringnetwork_reconnaissancepartial putpartial put attackpartial put vulnerabilitypassword attacksphishingphishing attackplpolandprocess injectionprotocol exploitationreconnaissanceremote accessremote code executionremote servicesresearchedscannerscanning activityscripting attackssocial engineeringsoftware developmentspamssh attackt1021t1021.001t1040t1046t1055t1059t1059.007t1068t1071.001t1076t1078t1082t1110t1110.001t1110.002t1110.003t1110.004t1189t1190t1192t1203t1210t1213t1486t1496t1499.001t1499.002t1499.003t1505t1505.003t1555t1562.001t1563t1565t1566.001t1566.002t1566.003t1588t1595t1595.001t1595.002t1595.003telnet threattomcattor nodeturkeyunauthenticated vulnerabilityunited kingdomverified-benignvulnerabilityvulnerability scanwazuhweb app attackweb application attackweb attackweb exploitationweb server exploitweb spamweb traffic

Activity Timeline

1 total obs
May 29May 29

Threat Activity Heatmap

· Peak: 2026-05-29
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
67
SIGNAL
Signal Score
67%
Confidence
13
Reports
First seenSep 6, 2024
Last seenMay 29, 2026
GeolocationPL
CountryPoland
LocationWarsaw, Mazowieckie
ASNAS8308
OrgNASK
Coords52.2298, 21.0118

VirusTotal

Not checked

WHOIS

raw
inetnum: 195.164.0.0 - 195.164.255.255 netname: PL-NASK-960626 country: PL org: ORG-NRaA1-RIPE admin-c: NASK1-RIPE tech-c: NASK1-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-by: NASK-MNT mnt-lower: NASK-MNT mnt-routes: NASK-MNT mnt-irt: IRT-CERT-POLSKA created: 2002-06-21T13:06:37Z last-modified: 2016-07-13T08:54:36Z source: RIPE # Filtered organisation: ORG-NRaA1-RIPE org-name: NAUKOWA I AKADEMICKA SIEC KOMPUTEROWA - PANSTWOWY INSTYTUT BADAWCZY country: PL org-type: LIR address: ul. Kolska 12 address: 01-045 address: Warszawa address: POLAND phone: +48 22 3808204 phone: +48 22 3808200 fax-no: +48 22 3808201 admin-c: NASK1-RIPE admin-c: JK6662-RIPE admin-c: TM3779-RIPE abuse-c: NASK1-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: NASK-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: NASK-MNT created: 2004-04-17T11:47:37Z last-modified: 2022-12-05T13:04:50Z source: RIPE # Filtered role: NASK LIR org: ORG-NRaA1-RIPE address: ul. Kolska 12 address: 01-045 Warszawa address: Poland phone: +48 22 380 82 00 fax-no: +48 22 380 82 01 abuse-mailbox: [email protected] remarks: Network problems: [email protected] remarks: Registry contact: [email protected] remarks: Abuse and spam notification: [email protected] remarks: remarks: Please send spam and abuse notifications to [email protected] only - remarks: notifications sent to other mailboxes will be left without action. admin-c: TM3779-RIPE tech-c: JK6662-RIPE tech-c: TM3779-RIPE nic-hdl: NASK1-RIPE mnt-by: NASK-MNT created: 2002-06-25T14:34:39Z last-modified: 2016-05-09T11:58:25Z source: RIPE # Filtered route: 195.164.0.0/16 descr: NASK (PL) descr: Provider Local Registry origin: AS8308 mnt-by: AS8308-MNT created: 2003-02-21T12:10:57Z last-modified: 2003-02-21T12:10:57Z source: RIPE # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 21 days ago
Appeared in 13 threat reports