IOC Radar
IP · Medium · Signal 35/100

195.3.223.73

Location: Warsaw, Mazowieckie, Poland
ASN: AS201814 (MEVSPACE sp. z o.o)
First Seen: Jun 6, 2023 (1101d ago)
Last Seen: Apr 7, 2026 (65d ago)
Reports: 20 source reports
Confidence: 35% (medium)
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 35%
Signal Score: 35 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

35 techniques

Network Information

Country: Poland (PL)
Region: Warsaw, Mazowieckie
ASN: AS201814
Organization: MEVSPACE sp. z o.o

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 20
Confidence score: 35%
Category tags
abuse, access, access control, active scan, active scanning, apache, apache attacker, attack, bad reputation, blacklist candidate, blacklist ip, botnet, botnet activity, brute force, brute force attack, command and control, communication protocol, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data store exposure, ddos, ddos attacks, decoy system, distributed attacks, email, europe, exploitation activity, ftp brute force, github, groups, honeytrap honeypot, http scanner, identity & access exploitation, indicator, injection activity, internet of things, intrusion detection, iot botnet, iot security, iot/ics attack, lamp, lateral movement, mailoney honeypot, malicious activity, malicious scan, malicious software, malware, mirai botnet, network, network attacks, network enumeration, network reconnaissance, network scanning, network security, password attacks, phishing, phishing attack, phishing trap, pl, poland, potential malicious activity, process injection, proxy, proxy protocol, python, reconnaissance, reconnaissance activity, researched, scan, scanner, script, security policy, self-signed, service enumeration, service probing, sftp, sftp attack, slug, smtp brute force, social engineering, ssh, ssh attack, ssh monitoring, surface web, t1016, t1021, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1071, t1071.001, t1083, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1589, t1592, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telecommunications, threat actor, threat detection, threat intelligence, threat prevention, tor node, unauthorized access attempts, unidentified attacker, web traffic

Activity Timeline

1 total obs, Apr 7

Threat Activity Heatmap

[Heatmap: activity by weekday (Mon, Wed, Fri) and month, Jun through Jun. Peak: 2026-04-07]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 35
Confidence: 35%
Reports: 20
First seen: Jun 6, 2023
Last seen: Apr 7, 2026
Geolocation: PL
Country: Poland
Location: Warsaw, Mazowieckie
ASN: AS201814
Org: MEVSPACE sp. z o.o
Coords: 52.2394, 21.0362
Proxy

VirusTotal

Not checked

WHOIS

description
Unknown source type: h0neytr4p
raw
inetnum: 195.3.220.0 - 195.3.223.255
netname: PL-MEV-20110919
country: PL
org: ORG-MSZO78-RIPE
admin-c: mevs2-ripe
tech-c: mevs2-ripe
status: ALLOCATED PA
mnt-by: SKYTECH-MNT
mnt-by: RIPE-NCC-HM-MNT
created: 2024-06-25T09:04:55Z
last-modified: 2024-06-25T09:04:55Z
source: RIPE

organisation: ORG-MSZO78-RIPE
org-name: MEVSPACE sp. z o.o.
country: PL
org-type: LIR
address: Augustyna Locciego 33
address: 02-928
address: Warszawa
address: POLAND
phone: +48221004144
admin-c: mevs2-ripe
tech-c: mevs2-ripe
abuse-c: AR49979-RIPE
mnt-ref: SKYTECH-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: SKYTECH-MNT
created: 2018-12-20T08:55:28Z
last-modified: 2023-01-16T12:16:04Z
source: RIPE # Filtered

role: Mevspace Admins
address: MEVSPACE Sp. z o.o.
address: Augustyna Locciego 33
address: 02-928 Warszawa
admin-c: AO3529-RIPE
admin-c: SO4268-RIPE
tech-c: AO3529-RIPE
tech-c: SO4268-RIPE
nic-hdl: mevs2-ripe
mnt-by: SKYTECH-MNT
created: 2022-12-07T13:04:36Z
last-modified: 2023-03-29T20:31:27Z
source: RIPE # Filtered

route: 195.3.222.0/23
origin: AS201814
mnt-by: SKYTECH-MNT
created: 2022-09-30T07:24:16Z
last-modified: 2022-09-30T07:24:16Z
source: RIPE
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 3 years ago · Last seen 2 months ago
Appeared in 20 threat reports