IOC Radar
IPLowSignal 89/100

82.5.191.95

Location
United KingdomUnited Kingdom
Swansea, WLS
ASN
AS5089
Vmcbbuk
First Seen
Jun 3, 2025
Last Seen
Feb 15, 2026
Jun 3
First Seen
376d ago
Feb 15
Last Seen
119d ago
11
Reports
source reports
89%
Confidence
low
0/91
VirusTotal
detections
Found in 11 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
89%
Signal Score
89 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

33 techniques

Network Information

CountryGBUnited Kingdom
RegionSwansea, WLS
ASNAS5089
OrganizationVmcbbuk

Feed Intelligence Summary

11 reports89% confidence
11
Source reports
89%
Confidence score
Category tags
abuseaccess controlactive scanningattackbotnetbrute forcebrute force attackc2 communicationcommand and controlcowrie honeypotcredential accesscredential stuffingdata exfiltrationddosddos participationdecoy systemdenial of servicedistributed attackseuropeexploit activityexploit attemptsftp brute forcehackinghttp brute forceindicatorlateral movementmalicious activitymalicious domainmalicious softwaremalwaremalware propagationmalware scanningnetworknetwork probingnetwork reconnaissancenetwork scanningpassword attacksprocess injectionreconnaissanceremote accessremote servicesresearchedscannersecurity policysftp attacksmtp brute forcesocradar honeypotsql injection attemptsssh attackssh monitoringt1021t1021.001t1041t1046t1055t1059t1071t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1210t1486t1496t1499.002t1499.003t1563t1565t1573t1573.001t1588t1595t1595.001t1595.002t1595.003threat actorthreat preventionunited kingdom

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
89
SIGNAL
Signal Score
89%
Confidence
11
Reports
First seenJun 3, 2025
Last seenFeb 15, 2026
GeolocationGB
CountryUnited Kingdom
LocationSwansea, WLS
ASNAS5089
OrgVmcbbuk
Coords51.7241, -4.0637

VirusTotal

0/ 91vendors flagged
0% detection rateJun 8, 2026

WHOIS

raw
inetnum: 82.5.188.0 - 82.5.191.255 netname: VMCBBUK descr: GORSEINON country: GB admin-c: NNMC1-RIPE tech-c: NNMC1-RIPE status: ASSIGNED PA mnt-by: AS5089-MNT remarks: Virgin Media Consumer Broadband UK remarks: Report Abuse via http://www.virginmedia.com/netreport created: 2022-07-25T05:47:32Z last-modified: 2022-07-25T05:47:32Z source: RIPE # Filtered role: Virgin Media Network Management Centre org: ORG-CIL2-RIPE address: Virgin Media address: 500 Brook Drive Green Park address: Reading address: Berkshire address: RG2 6UU admin-c: IPAM2-RIPE tech-c: IPAM2-RIPE nic-hdl: NNMC1-RIPE mnt-by: AS5089-MNT created: 2002-09-13T13:38:42Z last-modified: 2019-12-19T16:18:20Z source: RIPE # Filtered route: 82.4.0.0/14 descr: VIRGIN-MEDIA-UK-IP-BLOCK remarks: Report Abuse via http://www.virginmedia.com/netreport origin: AS5089 mnt-by: AS5089-MNT created: 2004-09-29T14:27:08Z last-modified: 2019-03-04T16:44:27Z source: RIPE # Filtered
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

low
First detected 1 year ago · Last seen 3 months ago
Appeared in 11 threat reports