IOC Radar
IP · Medium · Signal 54/100

80.227.102.242

Location
United Arab Emirates
Dubai, DU
ASN
AS15802
Emirates Integrated Telecommunications Company
First Seen
Aug 4, 2023
Last Seen
Jun 5, 2026
Reports: 26 source reports
Confidence: 54% (medium)
Found in 26 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
54%
Signal Score
54 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

53 techniques

Network Information

Country: AE, United Arab Emirates
Region: Dubai, DU
ASN: AS15802
Organization: Emirates Integrated Telecommunications Company

Feed Intelligence Summary

26 source reports · 54% confidence score
Category tags
abuseabuseipdbaccess controlaccount accessaccount enumerationaccount lockoutactive scanactive scanningadresse ipaeagricultural supply chainagricultural technologyagriculture, forestry, fishing and huntingaptatif feedattack_vector:brute_forceauthenticationauthentication attackauthentication-failureauthentication_protocolauto-generated securityazureazure adbad reputationbad web botbankingbanlist feedbelgiumbelgium ip addressesbinary defenseblocklist_allbotnetbotnet activitybotnet detectionbrute forcebrute force attackbrute force attemptbrute-forcebruteforcec2 communicationc2 detectionc2 servercloud environmentcloud infrastructurecloud infrastructure attackcommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostcompromised hostscredential accesscredential brute forcingcredential compromisecredential harvestingcredential stuffingcredential-dumpingcredential_accesscredit card servicescrop productiondata exfiltrationdata store exposuredata theftddosddos attackdenial of servicedistributed attacksdns attackdnsblentra ideuropeexploitationexploitation activityexploited hostfailed authenticationfarmingfinancefinance and insurancefinancial servicesfinancial technologyfinlandfood productionfoods and drinksfranceftp brute forcegermanyhackingheng technologyholdinghoneynet connecthonk gonkhttp brute forceidentity & access exploitationimapimap attackimap brute forceindicatorinformation technologyinfrastructure acquisitionreconnaissanceinjection activityintrusion detectioniocit infrastructurejsc ertelecomjsc ertelecom holdinglateral movementlivestock managementlogin attacklogin attemptlogin brute forcemajoritmalicious softwaremalicious-ipmalwaremalware distributionmalware filtermanualmicrosoft entra idmultiple accountsmultiple accounts targetedmultiple usersmultiple users affectednetworknetwork anomaliesnetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork traffic analysisnetwork:tcpnorth 
americaopenctipassword attackpassword attackspassword crackingpassword sprayingpayment processingpaysphishingphishing attackpolandpop3 brute forceprecision agricultureprocess injectionprotocol exploitationprotocol:imapprotocol:pop3protocol:saslprotocol:smtpransomwarereconnaissanceremote accessremote servicesremote_accessresearchedrtbhrusserussian ipsaslsasl brute forcescannerscanning activitysecurity operationssecurity policysign-in logssmtpsmtp attackersmtp brute forcesmtp-attacksocial engineeringsoftware developmentspamsshssh attacksupply chain attacksustainable agriculturet1003t1021t1021.001t1021.003t1027t1040t1046t1047t1055t1059t1059.004t1068t1071t1071.001t1076t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1203t1213t1486t1496t1499.001t1499.002t1499.003t1539t1555t1563t1565t1566t1566.001t1566.002t1566.003t1573t1573.001t1587.001t1588t1588.004t1589t1589.002t1590.001t1595t1595.001t1595.002t1595.003tcptcp brute forcetcp protocoltcp scantelnet threatthreat actorthreat intelligencethreat preventiontor nodeturkeyudp scanunauthorized access attemptunauthorized login attemptsunited arab emiratesunited statesvulnerability scanwealth managementweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total observation (Jun 5)

Threat Activity Heatmap

Peak: 2026-06-05
[Heatmap: calendar of daily activity, Jun through Jun, shaded from Less to More]
Activity by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 1 (Minimal); 3mo: 1 (Minimal)
Threat Score: 54 (Medium Risk)
Coords: 25.2633, 55.3087

VirusTotal

Not checked

WHOIS

description
Real-time Intercept: SMTP attack. Reference: 2026-05-25 06:10:23.5900 Login failure: 80.227.102.242 SMTP
raw
inetnum: 80.227.102.0 - 80.227.102.255
netname: DIC-NET
descr: Emirates Integrated Telecommunications Company PJSC (EITC-DU)
country: AE
remarks: *******************************************************************
remarks: * For any kind of illegal activity originating from our network *
remarks: * Please Contact: [email protected] *
remarks: *******************************************************************
admin-c: EITC2-RIPE
tech-c: EITC2-RIPE
status: ASSIGNED PA
mnt-by: DIC-MNT
mnt-lower: DIC-MNT
mnt-routes: DIC-MNT
created: 2004-05-13T12:08:25Z
last-modified: 2012-01-11T05:04:59Z
source: RIPE # Filtered

role: EITC Contact Role
address: Emirates Integrated Telecommunications
address: ------
address: -------
phone: +971043550323
fax-no: +971043550323
admin-c: CC7854-RIPE
tech-c: CC7854-RIPE
tech-c: CC7854-RIPE
tech-c: CC7854-RIPE
nic-hdl: EITC2-RIPE
abuse-mailbox: [email protected]
mnt-by: DIC-MNT
created: 2006-07-25T04:42:43Z
last-modified: 2019-03-11T12:31:11Z
source: RIPE # Filtered

route: 80.227.96.0/21
descr: Emirates Integrated Telecommunications Company PJSC
descr: Campus-3
origin: AS15802
mnt-by: DIC-MNT
created: 2007-05-10T06:54:01Z
last-modified: 2007-05-10T06:54:01Z
source: RIPE
references
https://purplesynapz.com/, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://list.rtbh.com.tr/output.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4, https://lists.blocklist.de/lists/mail.txt


IOC Journey

medium
First detected 2 years ago · Last seen 8 days ago
Appeared in 26 threat reports