IP · Medium · Signal 100/100
82.153.138.39
Location
Orăştie, ENG
ASN
AS214209
Internet Magnate (Pty) Ltd
First Seen
Sep 10, 2024
Last Seen
Nov 28, 2025
Reports
9 source reports
Confidence
99% (medium)
VirusTotal
12/91 detections
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Network Information
Country
Romania
Region
Orăştie, ENG
ASN
AS214209
Organization
Internet Magnate (Pty) Ltd
Feed Intelligence Summary
Category tags
active scanning; arm; ascii; attack; bash; botnet; brute force; c2; closed port; cobalt strike; cobaltstrike; command and control; communication protocol; cowrie honeypot; credential access; credential harvesting; credential stuffing; data exfiltration; ddos; ddos attacks; decoy system; denial of service; distributed attacks; dll; dropped-by-privateloader; elf; europe; exe; exploit; external network scan; external reconnaissance; filtered port; gafgyt; indicator; information gathering; internet of things; iocs; iot botnet; iot/ics attack; malicious activity; malicious software; malware; marsstealer; metasploit; meterpreter; mips; mirai botnet; mozi; network; network attacks; network discovery; network probing; network reconnaissance; network scanning; network security; open port; opendir; phishing attack; possible vulnerability assessment; potential vulnerability scan; potential vulnerability scanning; privateloader; process injection; rar; reconnaissance; redlinestealer; remcosrat; researched; resource hijacking; romania; saint helena, ascension and tristan da cunha; scanner; sentrypeer botnet; service discovery; sftp attack; shell script; shellscript; social engineering; ssh attack; ssh monitoring; stealc; stealth; t1003; t1016; t1018; t1027; t1040; t1041; t1046; t1047; t1053; t1055; t1059; t1059.001; t1071; t1071.001; t1083; t1105; t1110.002; t1189; t1190; t1203; t1204; t1210; t1486; t1496; t1499.001; t1499.002; t1499.003; t1547; t1565; t1566; t1566.001; t1566.002; t1566.003; t1569.002; t1588; t1589; t1595; t1595.001; t1595.002; t1595.003; t1608; tanner; tcp protocol; telecommunications; threat actor; ua-wget; united kingdom; unknown port; vbs; vidar; voip; voip attack; x64; x86; xmrig
Activity Timeline
Threat Activity Heatmap · Peak: 2025-11-28
Recent activity: 24h 0 (Dormant) · 7d 0 (Dormant) · 30d 0 (Dormant) · 3mo 0 (Dormant)
Threat Score
High Risk
Geolocation
RO
Coords
51.3226, -0.1970
WHOIS
- description
- Host scanning unknown application ports (Web, SMB, SSH, TELNET, ... are in other pulses). Details in pulse
- raw
- inetnum: 82.153.138.0 - 82.153.138.255
  netname: Internet-MAGNATE-Corporation
  country: RO
  geofeed: https://geofeed.ipxo.com/geofeed.txt
  org: ORG-MHGH4-RIPE
  admin-c: MHGH2-RIPE
  tech-c: MHGH2-RIPE
  abuse-c: MHGH2-RIPE
  status: ASSIGNED PA
  remarks: End User Organization
  mnt-by: netutils-mnt
  created: 2023-07-28T12:03:21Z
  last-modified: 2025-02-12T15:25:18Z
  source: RIPE

  organisation: ORG-MHGH4-RIPE
  org-name: Internet Magnate (Pty) Ltd
  org-type: OTHER
  remarks: End User Organization
  address: 1 BONDEV DRIVE
  address: GAUTENG
  address: 0157
  country: ZA
  abuse-c: MHGH2-RIPE
  mnt-ref: IPXO-MNT
  mnt-ref: netutils-mnt
  mnt-by: IPXO-MNT
  mnt-by: netutils-mnt
  created: 2024-02-24T19:53:16Z
  last-modified: 2024-12-05T09:21:48Z
  source: RIPE # Filtered

  role: Internet Magnate (Pty) Ltd
  address: 1 BONDEV DRIVE
  address: 0157
  address: GAUTENG
  address: South Africa
  nic-hdl: MHGH2-RIPE
  remarks: End User Organization
  abuse-mailbox: [email protected]
  mnt-by: netutils-mnt
  created: 2024-02-24T19:53:16Z
  last-modified: 2024-12-05T09:42:01Z
  source: RIPE # Filtered

  route: 82.152.0.0/15
  origin: AS206509
  mnt-by: ECLINET-NMC
  created: 2020-08-03T09:01:20Z
  last-modified: 2020-08-03T09:01:20Z
  source: RIPE

  route: 82.152.0.0/15
  origin: AS8851
  mnt-by: MNT-GCICOM
  created: 2023-08-21T10:37:13Z
  last-modified: 2023-08-21T10:37:13Z
  source: RIPE
- references
- https://github.com/telekom-security/tpotce, https://urlhaus.abuse.ch/browse/