IOC Radar
IPMediumSignal 44/100

195.34.206.77

Location
UkraineUkraine
Vinnytsia, Vinnytsia
ASN
AS39199
Private Enterprise RadioNet
First Seen
Feb 19, 2021
Last Seen
May 26, 2026
Feb 19
First Seen
1941d ago
May 26
Last Seen
19d ago
11
Reports
source reports
44%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryUAUkraine
RegionVinnytsia, Vinnytsia
ASNAS39199
OrganizationPrivate Enterprise RadioNet

Feed Intelligence Summary

11 reports44% confidence
11
Source reports
44%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningattackaustraliabad reputationbad web botblacklist candidatebotnetbotnet activitybrute forcebrute force attackbrute force attemptsbrute-forcecommand and controlcommand executioncommand injectioncommunication protocolcowrie honeypotcowrie interactionscredential accesscredential stuffingctadata encryptiondata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attacksdecoy systemdenial of servicedhcpdionaea honeypotdionaea interactionsdistributed attacksdnsdns attackelasticsearchencryptioneuropeexploitexploitationexploitation activityexploited hostfattfatt signaturesftpftp brute forcehackinghoneytrap honeypothoneytrap interactionshttp brute forcehttp probinghttp scanneridentity & access exploitationimapindicatorinformation gatheringinitial accessinjection activityinjection attacksinternet of thingsintrusion detectioniociot botnetiot securityiot targetediot/ics attacklateral movementldapmailoney honeypotmailoney interactionsmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemirai botnetmssqlmssql brute forcenetworknetwork attacksnetwork intrusion attemptsnetwork intrusion detectionnetwork monitoringnetwork probenetwork probingnetwork protocolnetwork scannetwork scanningnetwork securitynetwork traffic analysisntpoceaniaoraclep0fp0f signaturespassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedresource hijackingrtbhscanscannerscanning activitysecurity policysensor-taggedsentrypeer botnetsentrypeer interactionsserver exploitationsmb brute forcesmtpsmtp probingsocks5sql injectionssh attackssh monitoringsuricata alertssystem accesst1021t1021.001t1021.002t1040t1046t1055t1059t1059.003t1059.005t1068t1071t1071.001t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1210t1486t1496t1499.001t1499.002t1499.003t1505.004t1550.003t1562t1565t1595t1595.001t1595.002t1595.003tannertanner interactionstargeting databasetcp protocoltelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotukrainevnc protocolvoipvoip attackvulnerability scanweb application attackweb exploitweb exploitationweb traffic

Activity Timeline

1 total obs
May 26May 26

Threat Activity Heatmap

· Peak: 2026-05-26
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
11
Reports
First seenFeb 19, 2021
Last seenMay 26, 2026
GeolocationUA
CountryUkraine
LocationVinnytsia, Vinnytsia
ASNAS39199
OrgPrivate Enterprise RadioNet
Coords49.7143, 28.8339

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 445 SMB. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 195.34.204.0 - 195.34.207.255 netname: RADIONET-NET country: UA org: ORG-PER1-RIPE admin-c: KMS47-RIPE tech-c: KMS47-RIPE status: ASSIGNED PI mnt-by: RIPE-NCC-END-MNT mnt-by: VINRADIONET-MNT mnt-routes: VINRADIONET-MNT mnt-domains: VINRADIONET-MNT created: 2005-12-28T14:44:38Z last-modified: 2022-03-17T12:51:56Z source: RIPE sponsoring-org: ORG-TCI1-RIPE organisation: ORG-PER1-RIPE org-name: Private Enterprise RadioNet country: UA org-type: OTHER address: Korolova 1st Lane, b. 16A address: 21008, Vinnitsa, address: Ukraine abuse-c: AR19477-RIPE phone: +380674323267 fax-no: +380 432 531610 admin-c: KMS47-RIPE tech-c: KMS47-RIPE mnt-by: VINRADIONET-MNT mnt-ref: VINRADIONET-MNT created: 2005-12-20T15:28:54Z last-modified: 2023-11-07T08:58:49Z source: RIPE # Filtered person: Mihail Kurinny address: Ukraine, Vinnitsa st., Krasnokrestovskaya str. 6/2 phone: +380674900751 nic-hdl: KMS47-RIPE mnt-by: VINRADIONET-MNT created: 2012-07-05T06:28:12Z last-modified: 2023-11-07T08:54:12Z source: RIPE # Filtered route: 195.34.206.0/24 origin: AS39199 mnt-by: VINRADIONET-MNT created: 2018-03-23T09:53:58Z last-modified: 2018-03-23T09:53:58Z source: RIPE
references
https://list.rtbh.com.tr/output.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 19 days ago
Appeared in 11 threat reports