IOC Radar
IPMediumSignal 65/100

80.28.122.97

Location
SpainSpain
Madrid, MD
ASN
AS3352
TDENET (Red de servicios IP)
First Seen
May 16, 2024
Last Seen
Apr 24, 2026
May 16
First Seen
758d ago
Apr 24
Last Seen
50d ago
18
Reports
source reports
65%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

11 techniques

Network Information

CountryESSpain
RegionMadrid, MD
ASNAS3352
OrganizationTDENET (Red de servicios IP)

Feed Intelligence Summary

18 reports65% confidence
18
Source reports
65%
Confidence score
Category tags
aaaaabuseactive scanactive scanningaheadattackbad reputationbotnet activitybrute forcebrute force attackcredential accesscredential stuffingctadns attackdoctype htmleliteeuropeexploitation activityglobalgooglebotgooglebot indexhrefhttpsidentity & access exploitationimapimap attackindicatoripv6 spflayer protocolmalicious activitymalwaremetamitre attackmotherlessnetworknetwork infonextoverview zenboxpassword attacksperforms dnsphishingprocesses extraransomwarereconnaissanceresearchedrta descriptionscannerscriptspainssh attackt1055t1055 processt1071t1095t1110.001t1110.002t1110.003t1110.004t1573t1595.001t1595.002t1595.003threat actortitletor nodetrackertxt vdmarc1verdictz233

Activity Timeline

1 total obs
Apr 24Apr 24

Threat Activity Heatmap

· Peak: 2026-04-24
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
18
Reports
First seenMay 16, 2024
Last seenApr 24, 2026
GeolocationES
CountrySpain
LocationMadrid, MD
ASNAS3352
OrgTDENET (Red de servicios IP)
Coords40.4163, -3.6934

VirusTotal

Not checked

WHOIS

description
The full text of the RMA-tde.net report has been published, and the results are expected to be published in the next few days, as well as the full set of words.
raw
inetnum: 80.28.96.0 - 80.28.127.255 netname: TDENET descr: Red de servicios IP country: ES admin-c: ATDE1-RIPE tech-c: TTDE1-RIPE remarks: NCC#2002121103 status: ASSIGNED PA mnt-by: MAINT-AS3352 created: 2002-12-20T10:17:38Z last-modified: 2016-04-22T09:49:55Z source: RIPE # Filtered role: Administradores Telefonica de Espana address: Ronda de la Comunicacion s/n address: Edificio Norte 1, planta 6 address: 28050 Madrid address: SPAIN org: ORG-TDE1-RIPE admin-c: KIX1-RIPE tech-c: TTDE1-RIPE nic-hdl: ATDE1-RIPE mnt-by: MAINT-AS3352 abuse-mailbox: [email protected] created: 2006-01-18T12:24:41Z last-modified: 2018-09-18T10:36:42Z source: RIPE # Filtered role: Tecnicos Telefonica de Espana address: Ronda de la Comunicacion S/N address: 28050-MADRID address: SPAIN org: ORG-TDE1-RIPE admin-c: TTE2-RIPE tech-c: TTE2-RIPE nic-hdl: TTdE1-RIPE mnt-by: MAINT-AS3352 abuse-mailbox: [email protected] created: 2006-01-18T12:39:59Z last-modified: 2018-09-18T12:08:51Z source: RIPE # Filtered route: 80.28.0.0/16 descr: TDENET (Red de servicios IP) origin: AS3352 mnt-by: MAINT-AS3352 mnt-routes: MAINT-AS3352 mnt-lower: MAINT-AS3352 created: 2011-03-10T10:42:07Z last-modified: 2011-03-10T10:42:07Z source: RIPE
references
https://vtbehaviour.commondatastorage.googleapis.com/22e702fc31752b1ff0ca59efb58d943282dff34b9e8ce61867d8c831b0d8de35_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776480788&Signature=GKnoamXxZLyFfntMDXBWi2gnSzHRWJJRZPaofPOvzgQF6ygdQKEJpX4eJ2AASUeDQ3L4AO7Os%2FgNOl0CeG5%2FN9aVgljvd3WBiA8ZTwba5tFflRJKWcwOA5l4osDG6BDtNNiE8hqlOPhwMa4lIHfx8LNSu8B%2Fbm0n7Y28iDLdwSs9GCpFCVriebOwI1VNCU3BxzR0lKHa1DH6ijmLa6nxX4TOwNTZ47Os2KLel2k0E0K7sedhXKjWD1rz, https://vtbehaviour.commondatastorage.googleapis.com/22e702fc31752b1ff0ca59efb58d943282dff34b9e8ce61867d8c831b0d8de35_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776480900&Signature=juTMRwWs%2FTJqrDMvBJfYmPzSfXx4a%2F31AjChMKGg%2FigOb2ayCytmhgn%2FfGStvobwbbyL9t1dHYxFX0QZz%2F4zM3vebhPQPBm0BElUabRpjfY6q01wMlTu3q5T5uw1sSchvwR7n0H4t%2FnoMPiFRXns84ZWvQeTTNJYKtg5P29B6CE%2BbXfGQ%2FTKhS9ZR8bI09EyLS2y3Ob3boKLMZ4MNvq6nLIHO2373XOpgfJhsBQej6xZ8%2BlIe0T4

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 18 threat reports