IOC Radar
IPMediumSignal 55/100

208.115.214.90

Location
FranceFrance
Paris, VA
ASN
AS46475
Limestone Networks
First Seen
Feb 10, 2026
Last Seen
May 27, 2026
Feb 10
First Seen
125d ago
May 27
Last Seen
18d ago
10
Reports
source reports
55%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

39 techniques

Network Information

CountryFRFrance
RegionParis, VA
ASNAS46475
OrganizationLimestone Networks

Feed Intelligence Summary

10 reports55% confidence
10
Source reports
55%
Confidence score
Category tags
abuseactive scanactive scanningattackaustraliaauthentication attackbad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attemptsbrute-forcebrute_forcebruteforcec2_communicationciscocisco devicecisco exploitation attemptscommand & controlcommand and controlcommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingcredential_accessdata encryptiondata exfiltrationdata store exposureddosdecoy systemdenial of servicedevice managementdionaeadionaea honeypotdistributed attacksemailencryptionenterprise networkingeuropeexploitexploit attemptexploitation activityexploited hostfattfrfranceftpftp brute forceftp_bruteforcehackinghoneytrap honeypothttp brute forcehttp scannerhttpsidentity & access exploitationindicatorinfected_systeminjection activityioclamplamp vulnerability scanlateral movementmailoney honeypotmalicious activitymalicious softwaremalicious trafficmalicious_activitymalwaremalware behaviourmalware capturemalware propagationmssqlnetworknetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork protocolnetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnetwork_intrusionnetwork_reconnaissancenorth americaoceaniaopenctip0fpassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationreconnaissancereconnaissance activityremote accessremote servicesresearchedresource hijackingscannerscanning activitysensor-taggedsentrypeer botnetservice scansftpsftp attacksftp exploitation attemptsipsip attackssip brute forcesmtpsocial engineeringsshssh attackssh monitoringssh_bruteforcesystem discoveryt1021t1021.001t1021.002t1040t1041t1046t1047t1055t1059t1068t1071t1071.001t1076t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1589t1595t1595.001t1595.002t1595.003tannertcp scantelecommunicationstelnet threattelnet_bruteforcethreat actorthreat detectionthreat intelligencetor nodetpottpotceudp scanunited statesvoipvoip attackvulnerability scanweb application attackweb exploitationweb traffic

Activity Timeline

1 total obs
May 27May 27

Threat Activity Heatmap

· Peak: 2026-05-27
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
10
Reports
First seenFeb 10, 2026
Last seenMay 27, 2026
GeolocationFR
CountryFrance
LocationParis, VA
ASNAS46475
OrgLimestone Networks
Coords39.0180, -77.5390

VirusTotal

Not checked

WHOIS

raw
NetRange: 208.115.192.0 - 208.115.255.255 CIDR: 208.115.192.0/18 NetName: LIMESTONE-NETWORKS NetHandle: NET-208-115-192-0-1 Parent: NET208 (NET-208-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Limestone Networks, Inc. (LIMES-2) RegDate: 2010-01-06 Updated: 2024-01-08 Comment: https://www.limestonenetworks.com/ Comment: Geofeed https://geofeed.limestonenetworks.com/geofeed.csv Ref: https://rdap.arin.net/registry/ip/208.115.192.0 OrgName: Limestone Networks, Inc. OrgId: LIMES-2 Address: 400 S. Akard Street Address: Suite 200 City: Dallas StateProv: TX PostalCode: 75202 Country: US RegDate: 2007-12-04 Updated: 2024-11-25 Comment: http://limestonenetworks.com/ Ref: https://rdap.arin.net/registry/entity/LIMES-2 ReferralServer: rwhois://rwhois.limestonenetworks.com:4321 OrgAbuseHandle: ABUSE1804-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-214-242-3600 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1804-ARIN OrgTechHandle: NOC2791-ARIN OrgTechName: Network Operations Center OrgTechPhone: +1-214-242-3600 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/NOC2791-ARIN RNOCHandle: NOC2791-ARIN RNOCName: Network Operations Center RNOCPhone: +1-214-242-3600 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/NOC2791-ARIN RAbuseHandle: ABUSE1804-ARIN RAbuseName: Abuse RAbusePhone: +1-214-242-3600 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1804-ARIN RTechHandle: NOC2791-ARIN RTechName: Network Operations Center RTechPhone: +1-214-242-3600 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/NOC2791-ARIN
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 months ago · Last seen 18 days ago
Appeared in 10 threat reports