IOC Radar
IPMediumSignal 100/100

83.168.95.21

Location
PolandPoland
Warsaw, Mazovia
ASN
AS202520
SkyPass Solutions Sp. z.o.o
First Seen
Feb 23, 2025
Last Seen
Feb 15, 2026
Feb 23
First Seen
489d ago
Feb 15
Last Seen
132d ago
13
Reports
source reports
99%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

28 techniques

Network Information

CountryPLPoland
RegionWarsaw, Mazovia
ASNAS202520
OrganizationSkyPass Solutions Sp. z.o.o

Feed Intelligence Summary

13 reports99% confidence
13
Source reports
99%
Confidence score
Category tags
abuseactive scanningattackauthenticationauthentication attackauthentication failuresautomated attackbotnetbrute forcebrute force attackbrute force attemptcommand and controlcommunication protocolcowrie honeypotcredential accesscredential stuffingctadata exfiltrationdecoy systemdistributed attackseuropeexploit attemptsfail2ban blocked ipfail2ban triggeredfailed authenticationfailed login attemptsftpftp brute forcehttp scannerindicatorinvalid login attemptslogin attackmalicious activitymalicious softwaremalwarenetworknetwork intrusionnetwork scanningnetwork service exploitationnorth americapassword attacksplpolandprocess injectionreconnaissanceremote accessresearchedscannersecurity operationssftp attackssh attackssh monitoringt1021t1021.001t1021.004t1041t1055t1059t1059.004t1071.001t1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.002t1499.003t1565t1589t1589.002t1595t1595.001t1595.002t1595.003tcp scanthreat actorthreat intelligenceudp scanunauthorized access attemptunited kingdomunited statesweb traffic

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
13
Reports
First seenFeb 23, 2025
Last seenFeb 15, 2026
GeolocationPL
CountryPoland
LocationWarsaw, Mazovia
ASNAS202520
OrgSkyPass Solutions Sp. z.o.o
Coords52.2433, 20.9918

VirusTotal

Not checked

WHOIS

description
SSH bruteforce client IP
raw
inetnum: 83.168.94.0 - 83.168.95.255 netname: SkyPass country: PL org: ORG-SA4902-RIPE abuse-c: ACRO46705-RIPE admin-c: ACRO46705-RIPE tech-c: ACRO46705-RIPE mnt-domains: SkillHost-MNT status: SUB-ALLOCATED PA mnt-by: KORBANKSA-MNT mnt-by: SkillHost-MNT created: 2024-11-08T13:45:22Z last-modified: 2025-01-02T11:26:10Z source: RIPE organisation: ORG-SA4902-RIPE org-name: SkyPass Solutions Sp. z.o.o. country: PL org-type: OTHER address: ALEJA JANA PAWLA II 43A /37B, 01-001 Warszawa abuse-c: ACRO46705-RIPE mnt-ref: SkillHost-MNT mnt-by: SkillHost-MNT mnt-by: SKYPASS-MNT created: 2022-02-21T22:45:13Z last-modified: 2022-12-27T12:46:27Z source: RIPE # Filtered role: Abuse contact role object address: ALEJA JANA PAWLA II, 01-001, Warszawa abuse-mailbox: [email protected] nic-hdl: ACRO46705-RIPE mnt-by: SkillHost-MNT created: 2022-02-21T22:45:11Z last-modified: 2024-09-27T21:26:39Z source: RIPE # Filtered route: 83.168.95.0/24 descr: SkyPass Solutions Sp. z.o.o. origin: AS202520 mnt-by: KORBANKSA-MNT created: 2024-11-08T13:49:13Z last-modified: 2024-11-08T13:49:13Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 13 threat reports