IOC Radar
IPMediumSignal 51/100

82.66.201.8

Location
FranceFrance
Nice, Bretagne
ASN
AS12322
ProXad network / Free SA
First Seen
Oct 27, 2023
Last Seen
Jun 2, 2026
Oct 27
First Seen
961d ago
Jun 2
Last Seen
12d ago
14
Reports
source reports
51%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Network Information

CountryFRFrance
RegionNice, Bretagne
ASNAS12322
OrganizationProXad network / Free SA

Feed Intelligence Summary

14 reports51% confidence
14
Source reports
51%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningattackbad reputationbad web botblacklisted ipbotnetbotnet activitybrute forcebrute force attackbrute force attemptbrute-forcec2 communicationcisco devicecloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommand and controlcommunication protocolcommunication technologiescompromised credentialscompromised hostscowrie honeypotcredential accesscredential harvestingcredential stuffingctadata exfiltrationdata store exposureddosddos attackddos attacksdecoy systemdenial of servicedevice managementdistributed attacksenterprise networkingeuropeexploit attemptsexploitation activityexploited hostfrfranceftp brute forcehackinghoneytrap honeypothttp brute forceidentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceinjection activityinternet of thingsintrusion detectioniociot botnetiot securityiot targetediot/ics attackkfsensor honeypotlamplateral movementmalicious activitymalicious domainmalicious network activitymalicious softwaremalwaremalware capturemalware distributionmalware propagationmalware scanningmanualmirai botnetmobile carriersmobile networksnetworknetwork attacksnetwork infrastructurenetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksphishingphishing attackpolandprocess injectionprotocol exploitationransomwarereconnaissanceremote accessremote servicesresearchedresource hijackingscanscannerscanning activitysecurity policyservice scansftp attacksmtp brute forcesocial engineeringsocradar honeypotsql injection attemptssshssh attackssh monitoringt1016t1021t1021.001t1021.002t1040t1041t1046t1055t1056.001t1059t1059.001t1071t1071.001t1076t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1568t1587.001t1588t1588.004t1590.001t1595t1595.001t1595.002t1595.003targeting databasetcp protocoltcp/23telecom servicestelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotceweb app attack

Activity Timeline

1 total obs
Jun 2Jun 2

Threat Activity Heatmap

· Peak: 2026-06-02
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
14
Reports
First seenOct 27, 2023
Last seenJun 2, 2026
GeolocationFR
CountryFrance
LocationNice, Bretagne
ASNAS12322
OrgProXad network / Free SA
Coords48.8131, 2.3641

VirusTotal

Not checked

WHOIS

raw
inetnum: 82.66.200.0 - 82.66.201.255 netname: FR-PROXAD-ADSL descr: Proxad / Free SAS descr: Static pool (Freebox) descr: baumettes-1 (nice) descr: NCC#2003105443 country: FR admin-c: ACP23-RIPE tech-c: TCP8-RIPE status: ASSIGNED PA remarks: Spam/Abuse requests: mailto:[email protected] mnt-by: PROXAD-MNT created: 2003-10-29T15:58:17Z last-modified: 2003-10-29T15:58:17Z source: RIPE role: Administrative Contact for ProXad address: Free SAS / ProXad address: 8, rue de la Ville L'Eveque address: 75008 Paris phone: +33 1 73 50 20 00 fax-no: +33 1 73 92 25 69 remarks: trouble: Information: http://www.proxad.net/ remarks: trouble: Spam/Abuse requests: mailto:[email protected] admin-c: APfP1-RIPE tech-c: TPfP1-RIPE nic-hdl: ACP23-RIPE mnt-by: PROXAD-MNT abuse-mailbox: [email protected] created: 2002-06-26T12:46:56Z last-modified: 2013-08-01T12:16:00Z source: RIPE # Filtered role: Technical Contact for ProXad address: Free SAS / ProXad address: 8, rue de la Ville L'Eveque address: 75008 Paris phone: +33 1 73 50 20 00 fax-no: +33 1 73 92 25 69 remarks: trouble: Information: http://www.proxad.net/ remarks: trouble: Spam/Abuse requests: mailto:[email protected] admin-c: APfP1-RIPE tech-c: TPfP1-RIPE nic-hdl: TCP8-RIPE mnt-by: PROXAD-MNT created: 2002-06-26T12:29:10Z last-modified: 2011-06-14T09:03:07Z source: RIPE # Filtered abuse-mailbox: [email protected] route: 82.64.0.0/14 descr: ProXad network / Free SA descr: Paris, France origin: AS12322 mnt-by: PROXAD-MNT created: 2003-04-03T09:35:03Z last-modified: 2003-04-03T09:35:03Z source: RIPE # Filtered
references
https://jamesbrine.com.au/vultrwarsaw-telnet-bruteforce-ip-list-2025-09-27/, https://jamesbrine.com.au, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 12 days ago
Appeared in 14 threat reports