IOC Radar
IPMediumSignal 89/100

82.197.67.130

Location
United StatesUnited States
Orangeburg, New Jersey
ASN
AS40021
Contabo GmbH
First Seen
Dec 12, 2025
Last Seen
Jun 16, 2026
Dec 12
First Seen
197d ago
Jun 16
Last Seen
11d ago
16
Reports
source reports
89%
Confidence
medium
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
89%
Signal Score
89 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

11 techniques

Network Information

CountryUSUnited States
RegionOrangeburg, New Jersey
ASNAS40021
OrganizationContabo GmbH

Feed Intelligence Summary

16 reports89% confidence
16
Source reports
89%
Confidence score
Category tags
abuseactive scanactive scanningaptbad reputationbad web botblocklist_allbotnet activitybrute forcebrute force attackbrute-forcebruteforcecredential accesscredential stuffingddosddos attackdenial of serviceexploitation activityexploited hosthackingidentity & access exploitationinbound scanindicatormalwarenetworknorth americapassword attacksransomwarereconnaissanceresearchedscannersocradar honeypotsshssh attackt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595t1595.001t1595.002t1595.003threat actortpotunited statesusweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
Jun 16Jun 16

Threat Activity Heatmap

· Peak: 2026-06-16
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
89
SIGNAL
Signal Score
89%
Confidence
16
Reports
First seenDec 12, 2025
Last seenJun 16, 2026
GeolocationUS
CountryUnited States
LocationOrangeburg, New Jersey
ASNAS40021
OrgContabo GmbH
Coords40.7357, -74.1724

VirusTotal

Not checked

WHOIS

description
Score: 100/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:port-scan, abuseipdb:reported. 82.197.67.130 classified as botnet node participating in coordinated attack campaigns (high confidence). Origin: enriched. Listed on: FireHOL (firehol_level3); AbuseIPDB (brute-force, critical, exploited-host).
raw
NetRange: 82.0.0.0 - 82.255.255.255 CIDR: 82.0.0.0/8 NetName: 82-RIPE NetHandle: NET-82-0-0-0-1 Parent: () NetType: Allocated to RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 2002-11-23 Updated: 2025-02-10 Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois. Ref: https://rdap.arin.net/registry/ip/82.0.0.0 ResourceLink: https://apps.db.ripe.net/db-web-ui/query ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois.ripe.net ResourceLink: https://apps.db.ripe.net/db-web-ui/query OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 months ago · Last seen 11 days ago
Appeared in 16 threat reports