IOC Radar
IPMediumSignal 72/100

82.102.149.88

Location
IsraelIsrael
Netanya, TA
ASN
AS12400
Partner
First Seen
Jan 7, 2022
Last Seen
Jun 14, 2026
Jan 7
First Seen
1630d ago
Jun 14
Last Seen
11d ago
34
Reports
source reports
72%
Confidence
medium
Found in 34 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

51 techniques

Network Information

CountryILIsrael
RegionNetanya, TA
ASNAS12400
OrganizationPartner

Feed Intelligence Summary

34 reports72% confidence
34
Source reports
72%
Confidence score
Category tags
abuseabuseipdbaccess controlaccount compromiseaccount enumerationactive scanactive scanningactive-attackadresse ipaerospace & defenseaptasiaatif feedattackattack source ipattacker-ipauthentication attackauthentication attacksauthentication bypassauthentication-failureauto-generated securityautomated multi-vector probingautomotive manufacturingazure adbad reputationbankingbanlist feedbelgiumbelgium ip addressesbinary defenseblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute force attemptbrute-forcebrute-force attackbruteforcec2 communicationc2 serverchinacisco devicecisco exploit attemptscivil servicescloud environmentcloud infrastructurecloud infrastructure attackcloud servicescode-injectioncommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostcompromised hostscowriecowrie honeypotcredential accesscredential access attemptcredential attackcredential attackscredential compromisecredential harvestingcredential stuffingcredential-dumpingcredential-harvestingcredit card servicesctadata exfiltrationdata store exposuredata theftddosddos attackdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedevice managementdigital oceandigitalocean infrastructuredistributed attacksdns attackdnsblelectronics manufacturingemailenterprise networkingenv-huntingeuropeexploitationexploitation activityexploited hostexternal-threatfail2ban triggeredfinancefinancial servicesfinancial technologyfinlandfinland activityfinland based targetfnt-secure-sentinelfnt-sentinelfrancefraud ordersftpftp brute forceftp brute-forcegermanygovernment technologyhackinghoneynet connecthoneytrap honeypothttp brute forcehttp enumerationhttp scannerhttpsidentity & access exploitationilimapimap attackimap brute forceindicatorindustrial automationindustrial iotindustrial productioninformation technologyinfrastructure acquisitionreconnaissanceinitial accessinitial-accessinjection activityinternet facing assetinternet-facing assetsinternet-wide scanintrusion detectioniociot securityip-addressipv4ipv4-iocisraelit infrastructurelamplamp exploit attemptslateral movementlcialogin attacklogin attemptlogin attemptslogin brute forcelogin failuremalaysiamalicious activitymalicious sftp loginmalicious softwaremalicious ssh loginmalicious-ipmalwaremalware distributionmanualmanufacturing technologymicrosoft entra idmilitary operationsmultiple accounts targetedmultiple usersmultiple users affectednational securitynetworknetwork attacksnetwork brute forcenetwork discoverynetwork infrastructurenetwork intrusionnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnetwork-attacknetwork-discoverynextraynginxnorth americaopenctiopportunistic attackpassword attackpassword attackspassword crackingpassword sprayingpayment processingphishingphishing attackpolandpop3 brute forceport-scanprocess injectionprocess manufacturingprotocol exploitationpublic administrationpublic infrastructurepublic policyquality controlransomwarereconnaissanceregulatory agenciesremote accessremote servicesresearchedresource hijackingrtbhsaslsasl brute forcescams & fraudscannerscannersscanning activitysecurity operationssecurity policyself-signedservice scansftp attacksingaporesmtpsmtp attackersmtp brute forcesmtp-attacksocial engineeringsoftware developmentspamsql-injectionsshssh attackssh monitoringssh-brutesupply chain attacksupply chain managementt-pott1018t1021t1021.001t1021.002t1021.004t1040t1041t1046t1055t1059t1071t1071.001t1076t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1203t1486t1496t1499.001t1499.002t1499.003t1550.002t1563t1565t1566t1566.001t1566.002t1566.003t1566.004t1573t1573.001t1587.001t1588.004t1589t1589.002t1590t1590.001t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp based attacktcp brute forcetcp protocoltcp scantelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodeturkeyudp scanunauthorized accessunauthorized access attemptunauthorized login attemptsunited kingdomunited statesvalid accountsvoidtrapvulnerability scanvulnerability-scanvultr-platformwealth managementweb app attackweb application attackweb exploitationweb spamweb trafficweb-attack

Activity Timeline

1 total obs
Jun 14Jun 14

Threat Activity Heatmap

· Peak: 2026-06-14
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
72
SIGNAL
Signal Score
72%
Confidence
34
Reports
First seenJan 7, 2022
Last seenJun 14, 2026
GeolocationIL
CountryIsrael
LocationNetanya, TA
ASNAS12400
OrgPartner
Coords32.0668, 34.7649

VirusTotal

Not checked

WHOIS

description
FNT Sentinel Real-time Intercept: SMTP brute-force detected. Reference: 2026-05-09 08:30:14.2278 Login failure: 82.102.149.88 SMTP
raw
inetnum: 82.102.145.0 - 82.102.159.255 netname: PARTNER-AS descr: SP Subscribers-Dynamic private, soho, & sme customers (basic connectivity) country: IL admin-c: AIP63-RIPE tech-c: DR5299-RIPE status: ASSIGNED PA mnt-by: PARTNERCOM-MNT created: 2015-02-05T13:05:03Z last-modified: 2019-04-18T10:14:38Z source: RIPE role: DNS REG remarks: Hostmaster and LIR remarks: 012 Smile Communications Ltd. address: Hasivim 25 Petach-Tikva,Israel nic-hdl: DR5299-RIPE admin-c: PT5956-RIPE admin-c: AT14340-RIPE admin-c: HAI18-RIPE admin-c: GE1901-RIPE admin-c: IK2932-RIPE admin-c: RG15147-RIPE admin-c: ENT11-RIPE tech-c: PT5956-RIPE tech-c: RG15147-RIPE tech-c: HAI18-RIPE tech-c: GE1901-RIPE tech-c: GMLT1-RIPE tech-c: IK2932-RIPE tech-c: ENT11-RIPE mnt-by: AS9116-MNT mnt-by: PARTNERCOM-MNT created: 2002-09-19T08:35:05Z last-modified: 2024-01-14T12:38:26Z source: RIPE # Filtered abuse-mailbox: [email protected] person: Abuse ISP Partner remarks: Network Abuse Investigation Department address: 8 Amal Street Rosh Ha'ayin ,Israel 48103 phone: +972 547814505 address: Partner Communications Ltd. nic-hdl: AIP63-RIPE mnt-by: AS12400 created: 2019-02-05T06:38:13Z last-modified: 2021-12-05T16:12:04Z source: RIPE # Filtered route: 82.102.144.0/21 descr: Partner Communications Block origin: AS12400 mnt-by: AS12400-MNT created: 2012-05-07T08:59:23Z last-modified: 2012-05-07T08:59:23Z source: RIPE
references
https://purplesynapz.com/, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://list.rtbh.com.tr/output.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4, https://lists.blocklist.de/lists/mail.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 11 days ago
Appeared in 34 threat reports