IOC Radar
IP · Medium · Signal 71/100

178.72.71.254

Location
Russian Federation
Tyumen, Tyumenskaya oblast'
ASN
AS8359
Pjsc MTS
First Seen
Jun 1, 2024
Last Seen
Feb 20, 2026
Reports
6 source reports
Confidence
71% (medium)
Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

25 techniques

Network Information

Country: RU (Russian Federation)
Region: Tyumen, Tyumenskaya oblast'
ASN: AS8359
Organization: Pjsc MTS

Feed Intelligence Summary

6 source reports · 71% confidence score
Category tags
access control, active scanning, botnet, brute force, brute force attack, brute force attempt, command and control, communication protocol, credential access, credential stuffing, data exfiltration, ddos attacks, decoy system, distributed attacks, europe/asia, indicator, internet of things, intrusion detection, ioc, iot botnet, iot/ics attack, malicious network activity, malicious software, malware, mirai botnet, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, password attacks, process injection, protocol exploitation, reconnaissance, researched, russia, russian federation, scan, scanner, security policy, t1021.002, t1040, t1046, t1055, t1056.001, t1059.001, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, threat intelligence, threat prevention

Activity Timeline

1 total obs (Feb 20)

Threat Activity Heatmap

Peak: 2026-02-20
[Heatmap: activity by week, Jun to Jun; rows Mon, Wed, Fri; scale Less to More]
Recent activity: 24h 0 (Dormant), 7d 0 (Dormant), 30d 0 (Dormant), 3mo 0 (Dormant)
Threat Score: 71 (High Risk)
Coords: 57.1533, 65.5418

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 178.72.68.0 - 178.72.71.255
netname: MTS-TUMEN-NET
descr: Tumen branch of PJSC "MTS"
descr: Tumen
geoloc: 57.153033 65.534328
country: RU
admin-c: CCUB1-RIPE
tech-c: CCUB1-RIPE
status: ASSIGNED PA
mnt-by: UTC-MNT
created: 2015-05-29T06:11:43Z
last-modified: 2019-07-01T16:55:44Z
source: RIPE

role: Mobile TeleSystems PJSC Ural Branch
address: Ural Branch of Mobile TeleSystems PJSC
address: 128 Mamina-Sibiryaka
address: Ekaterinburg 620026
address: Russia
phone: +7 343 3652230
admin-c: AVP24-RIPE
tech-c: AVP24-RIPE
abuse-mailbox: [email protected]
nic-hdl: CCUB1-RIPE
mnt-by: UTC-MNT
created: 2011-04-16T15:29:55Z
last-modified: 2021-04-07T11:47:09Z
source: RIPE # Filtered

route: 178.72.64.0/21
descr: TNGS-SOUTH network
origin: AS44257
mnt-by: TNGS-MNT
created: 2011-02-18T07:08:58Z
last-modified: 2011-02-18T07:08:58Z
source: RIPE
