IOC Radar
IPMediumSignal 57/100

95.214.52.167

Location
PolandPoland
Warsaw, Mazovia
ASN
AS201814
MEVSPACE sp. z o.o
First Seen
Aug 20, 2024
Last Seen
Jun 18, 2026
Aug 20
First Seen
672d ago
Jun 18
Last Seen
5d ago
31
Reports
source reports
56%
Confidence
medium
Found in 31 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
57 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

38 techniques

Network Information

CountryPLPoland
RegionWarsaw, Mazovia
ASNAS201814
OrganizationMEVSPACE sp. z o.o

IP Category

Proxy
Proxy server

Feed Intelligence Summary

31 reports56% confidence
31
Source reports
56%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanningairashiairashi botnetairashiddosaisuruapacheapache attackeraptattackblacklisted ipbotnetbotnet activitybrute forcebrute force attackc2c2 serverchacha20cnpilotcommand and controlcommunication protocolcommunication securitycompromise ipv4credential accesscredential brute-forcingcredential harvestingcredential stuffingdata exfiltrationddosddos attacksdecoy systemdenial of servicediscorddistributed attacksencryptionenumerationenumeration attempteuropefinfin scanfirstfodchagame designgame developmentgame publishinggaminggaming industrygaming platformsgaming technologygs003gs005hellokittyhmac-sha256http scannerindicatorinformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceinternet of thingsintrusion detectioniocsiot botnetiot malwareiot/ics attackipv4 portipv4 port scanit infrastructurelinuxmalicious activitymalicious softwaremalwaremanualmasscanmassive port scanmirai botnetmobile gamingnetworknetwork attacksnetwork mappingnetwork port scanningnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynmapnull scanpassword attacksphishingphishing attackplpolandpotential threat activityprocess injectionproxyreconnaissanceremote coderesearchedrtbhscanscannerscanning activitysecurity policyservice discoverysocial engineeringsocradar honeypotsoftware developmentssh attackstealth scansteamsynsyn scant1005t1016t1018t1021.001t1040t1046t1053.005t1055t1059.004t1071.001t1078t1078.001t1083t1105t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1497t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1587.001t1588t1588.002t1589t1590.001t1595t1595.001t1595.002t1595.003tcp protocoltcp/80threat actorthreat intelligencethreat preventiontoggletxt recordudp port scanvideo gamesvulnerabilityweb trafficxmasxmas scan

Activity Timeline

1 total obs
Jun 18Jun 18

Threat Activity Heatmap

· Peak: 2026-06-18
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
57
SIGNAL
Signal Score
56%
Confidence
31
Reports
First seenAug 20, 2024
Last seenJun 18, 2026
GeolocationPL
CountryPoland
LocationWarsaw, Mazovia
ASNAS201814
OrgMEVSPACE sp. z o.o
Coords52.1783, 21.0602
Proxy

VirusTotal

Not checked

WHOIS

description
Port Scan 2024-10-15T09:48:16.000Z -> 95.214.52.167 scanned port 34569 on one of our servers

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 5 days ago
Appeared in 31 threat reports