IOC Radar
IP · Medium · Signal 67/100

93.123.109.39

Location: Andorra la Vella, Andorra la Vella, Andorra
ASN: AS48090 (Techoff SRV Limited)
First Seen: Jan 13, 2025 (531d ago)
Last Seen: Jun 10, 2026 (18d ago)
Reports: 30 source reports
Confidence: 67% (medium)
Found in 30 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 67%
Signal Score: 67 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

98 techniques

Network Information

Country: AD (Andorra)
Region: Andorra la Vella, Andorra la Vella
ASN: AS48090
Organization: Techoff SRV Limited

Feed Intelligence Summary

Source reports: 30
Confidence score: 67%
Category tags

Activity Timeline

1 total obs (Jun 10 to Jun 10)

Threat Activity Heatmap

[Heatmap: daily activity by weekday, Jun to Jun. Peak: 2026-06-10]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 67
Confidence: 67%
Reports: 30
First seen: Jan 13, 2025
Last seen: Jun 10, 2026
Geolocation: AD
Country: Andorra
Location: Andorra la Vella, Andorra la Vella
ASN: AS48090
Org: Techoff SRV Limited
Coords: 42.5063, 1.5218

VirusTotal

Not checked

IOC Journey

medium
First detected 1 year ago · Last seen 18 days ago
Appeared in 30 threat reports