IOC Radar
IP · Medium · Signal 60/100

93.123.109.124

Location: Andorra la Vella, Andorra la Vella, Andorra
ASN: AS48090 (Techoff SRV Limited)
First Seen: Jan 24, 2025 (515d ago)
Last Seen: Jun 18, 2026 (4d ago)
Reports: 24 source reports
Confidence: 60% (medium)
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 60%
Signal Score: 60 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

55 techniques

Network Information

Country: AD (Andorra)
Region: Andorra la Vella, Andorra la Vella
ASN: AS48090
Organization: Techoff SRV Limited

Feed Intelligence Summary

24 source reports · 60% confidence score
Category tags
abuse, access control, active scan, active scanning, adb, andorra, attack, australia, authentication, authentication attack, bad reputation, bad web bot, botnet, botnet activity, brute force, brute force attack, brute force attacker, brute force attacks, brute force attempt, brute-force, bruteforce, bulgaria, c2, c2 communication, cisco device, command & control, command and control, command execution, communication protocol, compromised credentials, compromised hosts, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database attack, database security, ddos, ddos attack, ddos participation, decoy system, denial of service, device management, dionaea honeypot, distributed attacks, dropper, elasticpot honeypot, elasticsearch monitoring, enterprise networking, enumeration, europe, exploit, exploit activity, exploit attempt, exploitation activity, exploited host, fatt, finland, france, ftp brute force, germany, hacking, honeynet connect, honeytrap honeypot, http brute force, identity & access exploitation, indicator, infected systems, initial access, injection activity, intrusion detection, iot security, ipv4, ipv4 scanning, lamp, lateral movement, login attempt, mailoney honeypot, malicious activity, malicious domain, malicious software, malicious traffic, malware, malware behaviour, malware capture, malware detection, malware distribution, mobile, mobile security, netherlands, network, network infrastructure, network intrusion, network intrusion attempts, network reconnaissance, network scanning, network security, network_intrusion, network_reconnaissance, nl, north america, oceania, p0f, password attack, password attacks, phishing, phishing attack, phishing trap, ping of death, poland, process injection, protocol exploitation, protocol_scanning, ransomware, rce, reconnaissance, remote access, remote services, researched, resource hijacking, scan, scanner, scanning activity, scripting attacks, security operations, security policy, sensor-tagged, sentrypeer botnet, server exploitation, sftp attack, sftp exploitation attempts, sip brute force, sip scan, sipvicious scan, smtp brute force, social engineering, socradar honeypot, spam, ssh, ssh attack, ssh monitoring, ssh scan, t1005, t1016, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.001, t1059.005, t1059.007, t1064, t1071, t1071.001, t1071.004, t1078, t1078.001, t1078.002, t1078.003, t1078.004, t1083, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1199, t1203, t1204, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1571, t1573, t1573.001, t1589, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp scan, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tpot, udp scan, unauthorized access attempt, unauthorized access attempts, united states, voip, voip attack, vulnerability scan, vulnerability-exploitation, web app attack, web application attack, web attack, web exploitation, web spam

Activity Timeline

1 total obs · Jun 18

Threat Activity Heatmap

Peak: 2026-06-18

24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 60
Confidence: 60%
Reports: 24
First seen: Jan 24, 2025
Last seen: Jun 18, 2026
Geolocation: AD
Country: Andorra
Location: Andorra la Vella, Andorra la Vella
ASN: AS48090
Org: Techoff SRV Limited
Coords: 42.5063, 1.5218

VirusTotal

Not checked

WHOIS

description
seen in Redishoneypot; events=5; ports=6379; cc=BG; asn=48090; asn_org=Techoff Srv Limited; redis_cmd_hits=0
raw
inetnum: 93.123.109.0 - 93.123.109.255
netname: TECHOFF_SRV_LIMITED
descr: TECHOFF_SRV_LIMITED
org: ORG-TSL73-RIPE
country: AD
admin-c: AD18161-RIPE
tech-c: AD18161-RIPE
mnt-domains: TECHOFF-MNT
mnt-routes: TECHOFF-MNT
status: ASSIGNED PA
mnt-by: MNT-NETERRA
created: 2025-02-24T11:41:37Z
last-modified: 2025-02-24T11:41:37Z
source: RIPE

organisation: ORG-TSL73-RIPE
org-name: TECHOFF SRV LIMITED
country: GB
org-type: OTHER
address: 35 Firs Avenue, London N11 3NE
abuse-c: AD18161-RIPE
mnt-ref: TECHOFF-MNT
mnt-ref: MNT-NETERRA
mnt-by: TECHOFF-MNT
created: 2024-11-20T13:01:40Z
last-modified: 2024-11-26T15:22:33Z
source: RIPE # Filtered

role: ABUSE DEP
address: 35 Firs Avenue, London N11 3NE
abuse-mailbox: [email protected]
nic-hdl: AD18161-RIPE
mnt-by: TECHOFF-MNT
created: 2024-11-20T13:00:28Z
last-modified: 2024-11-21T09:45:52Z
source: RIPE # Filtered

route: 93.123.109.0/24
origin: AS48090
mnt-by: TECHOFF-MNT
created: 2025-03-14T18:56:29Z
last-modified: 2025-03-14T18:56:29Z
source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://redpiranha.net, https://threatfox.abuse.ch/export/csv/recent/

IOC Journey

medium
First detected 1 year ago · Last seen 4 days ago
Appeared in 24 threat reports