IP · Medium · Signal 57/100
95.77.239.199
Location
Aiud, AB
ASN
AS12302
UPC Romania
First Seen
Jul 7, 2025 (338d ago)
Last Seen
Nov 27, 2025 (194d ago)
7 source reports
57% confidence (medium)
1/91 VirusTotal detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
57%
Signal Score
57 / 100
IDS Rule
No
Network Information
Country
Romania
Region
Aiud, AB
ASN
AS12302
Organization
UPC Romania
Feed Intelligence Summary
7 source reports · 57% confidence score
Category tags
active scanning, attack, botnet, botnet activity, brute force, brute force attack, command and control, credential access, credential attack, credential stuffing, data exfiltration, default password attack, distributed attacks, europe, indicator, legacy protocol abuse, malicious activity, malicious software, malware, network, network security, north america, password attacks, process injection, protocol exploitation, reconnaissance, remote access attempt, researched, romania, scanner, scanning activity, t1021.001, t1040, t1046, t1055, t1059.001, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, tcp/23, telnet threat, threat actor, united states
Activity Timeline
Nov 27
Threat Activity Heatmap · Peak: 2025-11-27
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Intelligence Summary (AI Generated)
This Indicator of Compromise (IOC), an IPv4 address, signals a significant potential threat to organizational security. Its presence in threat intelligence feeds, combined with a score of 56.74, suggests it is actively involved in malicious activities such as reconnaissance, credential brute-forcing, and potentially resource hijacking or denial-of-service attempts. Failure to address this IOC could lead to unauthorized access, data breaches, system compromise, or disruption of critical services.…
Threat Score: Medium Risk
Signal Score: 57
Confidence: 57%
Reports: 7
First seen: Jul 7, 2025
Last seen: Nov 27, 2025
Geolocation: RO
Country: Romania
Location: Aiud, AB
ASN: AS12302
Org: UPC Romania
Coords: 46.3139, 23.7203
WHOIS
- description
- Logged 3 visits on 1 honeypot. Average duration: 39.79s, did not supply credentials
- raw
  inetnum: 95.77.236.0 - 95.77.239.255
  netname: UPCRO
  descr: UPC Romania AIUD
  country: RO
  admin-c: UPC1-RIPE
  tech-c: UPC1-RIPE
  remarks: AW-INFRA
  remarks: ***********************************
  remarks: * report abuse to [email protected] *
  remarks: ***********************************
  status: ASSIGNED PA
  mnt-by: ASTRALTELECOM-MNT
  mnt-lower: ASTRALTELECOM-MNT
  mnt-routes: ASTRALTELECOM-MNT
  created: 2011-01-11T09:08:48Z
  last-modified: 2011-01-11T09:08:48Z
  source: RIPE # Filtered

  role: UPC Romania LIR
  address: 62D, Nordului St.
  address: District 1, 014104
  address: Bucharest
  phone: +40-31-1018100
  fax-no: +40-31-1018101
  org: ORG-ATS4-RIPE
  admin-c: IOS5-RIPE
  tech-c: IOS5-RIPE
  nic-hdl: UPC1-RIPE
  abuse-mailbox: [email protected]
  mnt-by: ASTRALTELECOM-MNT
  created: 2007-03-21T11:28:17Z
  last-modified: 2025-02-10T07:33:58Z
  source: RIPE # Filtered

  route: 95.77.0.0/16
  descr: UPC Romania
  origin: AS12302
  mnt-by: ASTRALTELECOM-MNT
  created: 2021-03-29T16:32:46Z
  last-modified: 2021-03-29T16:32:46Z
  source: RIPE # Filtered
IOC Journey
medium · First detected 11 months ago · Last seen 6 months ago
Appeared in 7 threat reports