IOC Radar
IP · Medium · Signal 63/100

185.70.42.36

Location: Plan-les-Ouates, Geneve, Switzerland
ASN: AS62371 (Proton Technologies AG)
First Seen: Jan 23, 2025 (518d ago)
Last Seen: Jun 8, 2026 (17d ago)
Reports: 8 source reports
Confidence: 63% (medium)
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 63%
Signal Score: 63 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

40 techniques

Network Information

Country: Switzerland (CH)
Region: Plan-les-Ouates, Geneve
ASN: AS62371
Organization: Proton Technologies AG

IP Category

VPN
VPN exit node

Feed Intelligence Summary

Source reports: 8
Confidence score: 63%
Category tags

Activity Timeline

1 total observation, Jun 8 to Jun 8

Threat Activity Heatmap

Peak: 2026-06-08
[Heatmap: activity by day of week, Jun through Jun; image not preserved]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 63
Confidence: 63%
Reports: 8
First seen: Jan 23, 2025
Last seen: Jun 8, 2026
Geolocation: CH
Country: Switzerland
Location: Plan-les-Ouates, Geneve
ASN: AS62371
Org: Proton Technologies AG
Coords: 46.1667, 6.1167
VPN

VirusTotal

Not checked


IOC Journey

medium
First detected 1 year ago · Last seen 17 days ago
Appeared in 8 threat reports