IOC Radar
IP · Medium · Signal 71/100

80.94.95.106

Location
Hungary
Budapest, Sofia-grad
ASN
AS204428
Unmanaged LTD
First Seen
Jul 17, 2023 (1071d ago)
Last Seen
Apr 18, 2026 (65d ago)
Reports
14 source reports
Confidence
71% (medium)
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

40 techniques

Network Information

Country: HU, Hungary
Region: Budapest, Sofia-grad
ASN: AS204428
Organization: Unmanaged LTD

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 14
Confidence score: 71%
Category tags
abuse, access control, account compromise, account security, active scan, active scanning, admin, administrative access, application layer protocol, attack, australia, bad reputation, bad web bot, botnet, botnet activity, brute force, brute force attack, brute force attacks, brute force attempts, bruteforce, bulgaria, cisco, cisco device, cisco exploitation attempt, command and control, communication protocol, compromised credentials, cowrie, cowrie activity, cowrie honeypot, cowrie interactions, cowrie ssh honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, ddos, ddos attacks, decoy system, denial of service, device management, dionaea, dionaea honeypot, dionaea interactions, directory enumeration, distributed attacks, enterprise networking, europe, exploit, exploitation activity, exploitation attempts, exploited host, fatt, fatt signatures, ftp, ftp brute force, hacking, honeytrap honeypot, honeytrap interactions, http probing, http scanner, https, hu, hungary, identity & access exploitation, initial access, injection activity, internet of things, intrusion detection, iot botnet, iot security, iot/ics attack, lamp, lamp server attack, lamp server targeting, lateral movement, login attack, mailoney activity, mailoney honeypot, mailoney interactions, malicious activity, malicious ip, malicious payload, malicious software, malware, malware behaviour, malware capture, mirai, mirai botnet, network, network attacks, network infrastructure, network intrusion attempts, network intrusion detection, network probing, network protocol, network scanning, network security, network traffic analysis, north america, oceania, opencti, operating system, operating system security, p0f, p0f signatures, password attack, password attacks, phishing, phishing attack, phishing trap, potential vulnerability scan, privilege escalation, process injection, protocol exploitation, proxy, ransomware, rdp, reconnaissance, remote access, remote services, researched, resource hijacking, romania, scan, scanner, scanning activity, scripting attacks, security policy, sensor-tagged, sentrypeer botnet, sentrypeer interactions, service enumeration, sftp, sftp attack, sip, smtp, smtp probing, social engineering, ssh, ssh attack, ssh monitoring, suricata alerts, t1021, t1021.001, t1040, t1041, t1046, t1055, t1059, t1059.001, t1059.004, t1059.005, t1059.007, t1069.001, t1071.001, t1076, t1078, t1088, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1589, t1589.002, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner interactions, tcp, tcp protocol, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tpot, tsec, unauthorized login, united kingdom, united states, voip, voip attack, vulnerability scan, web application attack, web application scanning, web attack, web exploitation, web scanner, web scanners, web traffic, win, windows

Activity Timeline

1 total obs
Apr 18

Threat Activity Heatmap

Peak: 2026-04-18
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 71
Confidence: 71%
Reports: 14
First seen: Jul 17, 2023
Last seen: Apr 18, 2026
Geolocation: HU
Country: Hungary
Location: Budapest, Sofia-grad
ASN: AS204428
Org: Unmanaged LTD
Coords: 42.6977, 23.3219
Proxy

VirusTotal

Not checked

WHOIS

description
Unknown source type: h0neytr4p
raw
inetnum: 80.94.95.0 - 80.94.95.255
netname: UNMANAGED-LTD
country: GB
admin-c: PB23091-RIPE
tech-c: PB23091-RIPE
status: ASSIGNED PA
mnt-by: UNMANAGED
mnt-by: ro-btel2-1-mnt
created: 2024-01-26T20:28:48Z
last-modified: 2024-04-18T22:23:55Z
source: RIPE

person: UNMANAGED LTD NOC - NETWORK OPERATIONS CENTER
address: Business First Northampton, Brindley Close, Rushden, England, NN10 6EN
phone: +44 (0) 333 305 0020
nic-hdl: PB23091-RIPE
mnt-by: UNMANAGED
created: 2020-07-26T21:11:55Z
last-modified: 2024-09-12T20:00:36Z
source: RIPE # Filtered

route: 80.94.95.0/24
origin: AS204428
mnt-by: UNMANAGED
mnt-by: ro-btel2-1-mnt
created: 2022-11-15T14:14:48Z
last-modified: 2022-11-15T14:14:48Z
source: RIPE
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 14 threat reports