IPMediumSignal 37/100
82.207.8.162
Location
UkraineKyiv, 65
ASN
AS6849
JSC Ukrtelecom
First Seen
Nov 26, 2024
Last Seen
Apr 21, 2026
Nov 26
First Seen
561d ago
Apr 21
Last Seen
51d ago
18
Reports
source reports
37%
Confidence
medium
4/91
VirusTotal
detections
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
37%
Signal Score
37 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUkraine
UkraineRegionKyiv, 65
ASNAS6849
OrganizationJSC Ukrtelecom
Feed Intelligence Summary
18 reports37% confidence
18
Source reports
37%
Confidence score
Category tags
abuseaccount discoveryaccount profilingaccount takeoveractive scanactive scanningatif feedattackaustraliaauthenticationauthentication attackauthentication attacksauto-generated securitybad reputationbanlist feedbinary defensebotnetbotnet activitybrute forcebrute force attackbrute force attemptcisco devicecommand and controlcommunication protocolcowrie honeypotcredential accesscredential harvestingcredential stuffingcredential stuffing attemptsctadata exfiltrationdata store exposureddosddos attemptdecoy systemdenial-of-servicedevice managementdistributed attacksenterprise networkingeuropeexploitation activityfail2ban alertfail2ban triggeredfailed login attemptsftpftp brute forcehackinghttp scanneridentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceinjection activitylogin attackmalicious activitymalicious softwaremalwaremanualmultiple failed loginsnetworknetwork infrastructurenetwork intrusionnetwork reconnaissancenetwork scanningnetwork securitynetwork security monitoringoceaniapassword attackpassword attacksphishingphishing attackprocess injectionreconnaissanceremote accessremote servicesresearchedscannersecurity operationssftp attacksocial engineeringssh attackssh monitoringt1021t1021.001t1021.004t1040t1041t1055t1059t1071t1071.001t1076t1078t1078.002t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.001t1499.002t1499.003t1555t1555.003t1563t1565t1566.001t1566.002t1566.003t1567t1587.001t1589t1589.002t1590.001t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat intelligencetor nodeukraineunauthorized accessunited kingdomweb traffic
Activity Timeline
Apr 21Apr 21
Threat Activity Heatmap
· Peak: 2026-04-21LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
37
SIGNAL
Signal Score
37%
Confidence
18
Reports
First seenNov 26, 2024
Last seenApr 21, 2026
GeolocationUA
CountryUkraine
LocationKyiv, 65
ASNAS6849
OrgJSC Ukrtelecom
Coords46.3661, 33.5387
WHOIS
- description
- Host bruteforcing SSH
- raw
- inetnum: 82.207.0.0 - 82.207.63.255 netname: UKRTELNET-DIAL-UP descr: NCC # 2011011865 Approved IP assignment country: ua remarks: E-mail for SPAM and abuse [email protected] admin-c: ARM42-RIPE tech-c: ARM42-RIPE status: ASSIGNED PA mnt-by: AS6849-MNT created: 2011-01-18T08:55:56Z last-modified: 2021-05-19T16:16:15Z source: RIPE person: Remiga Alexander address: JSC UKRTELECOM address: 18, Shevchenko blvd address: Ukraine, Kiev phone: +380 (44) 288-1072 nic-hdl: ARM42-RIPE mnt-by: AS6849-MNT created: 2008-04-07T17:03:57Z last-modified: 2014-03-19T10:17:48Z source: RIPE route: 82.207.8.0/24 descr: AGGREGATE BLOCK FOR DATA-CENTER origin: AS6849 mnt-by: AS6849-MNT created: 2023-11-24T10:20:27Z last-modified: 2023-11-24T10:20:27Z source: RIPE
- references
- https://blog.edie.io/2020/04/30/diy-ip-threat-feed/, https://github.com/tankmek/threatfeed, https://redpiranha.net, https://github.com/telekom-security/tpotce, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 1 month ago
Appeared in 18 threat reports