IOC Radar
IP · Medium · Signal 78/100

185.228.235.70

Location: Russian Federation, Grozny, CE
ASN: AS64439 (SkyHost.ru Cloud)
First Seen: Apr 15, 2026 (60d ago)
Last Seen: Apr 29, 2026 (46d ago)
Reports: 13 source reports
Confidence: 78% (medium)
Found in 13 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 78%
Signal Score: 78 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

7 techniques

Network Information

Country: RU, Russian Federation
Region: Grozny, CE
ASN: AS64439
Organization: SkyHost.ru Cloud

Feed Intelligence Summary

Source reports: 13
Confidence score: 78%
Category tags: abuse, active scan, active scanning, apt, bad reputation, brute force, brute force attack, brute-force, credential access, credential stuffing, europe/asia, exploitation activity, hacking, identity & access exploitation, indicator, network, password attacks, reconnaissance, researched, ru, russia, scanner, self-signed, ssh attack, t1110.001, t1110.002, t1110.003, t1110.004, t1595.001, t1595.002, t1595.003, threat actor, tor node, web app attack

Activity Timeline

1 total obs: Apr 29

Threat Activity Heatmap

Peak: 2026-04-29
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 78
Confidence: 78%
Reports: 13
First seen: Apr 15, 2026
Last seen: Apr 29, 2026
Geolocation: RU
Country: Russian Federation
Location: Grozny, CE
ASN: AS64439
Org: SkyHost.ru Cloud
Coords: 43.3090, 45.6966

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 185.228.235.0 - 185.228.235.255
org: ORG-ZCL8-RIPE
netname: ZTV-CORP-RU
geofeed: https://static.ztv.su/geofeed.csv
country: RU
admin-c: ZN564-RIPE
tech-c: ZN564-RIPE
status: ASSIGNED PA
mnt-by: IPMAGNAT-MNT
mnt-by: lir-ru-ztv-1-MNT
created: 2025-08-02T04:43:07Z
last-modified: 2025-09-02T18:00:11Z
source: RIPE

organisation: ORG-ZCL8-RIPE
org-name: ZTV CORP LLC
country: RU
org-type: LIR
address: Romanticheskaya ul. 12
address: 416462
address: village Yaksatovo
address: RUSSIAN FEDERATION
phone: +79998000369
admin-c: NZ1180-RIPE
tech-c: NZ1180-RIPE
abuse-c: AR67616-RIPE
mnt-ref: lir-ru-ztv2-1-MNT
mnt-ref: IPMAGNAT-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: lir-ru-ztv2-1-MNT
created: 2022-02-11T10:32:05Z
last-modified: 2025-08-05T09:54:52Z
source: RIPE # Filtered

role: ZTV.SU NOC
address: RUSSIAN FEDERATION
address: village Yaksatovo
address: 416462
address: Romaticheskaya ul. 12
phone: +79998000369
remarks: **********************************************************
remarks: * For spam/abuse/security issues please contact *
remarks: * [email protected] *
remarks: **********************************************************
nic-hdl: ZN564-RIPE
mnt-by: lir-ru-ztv-1-MNT
created: 2021-09-13T12:42:35Z
last-modified: 2022-10-25T15:35:08Z
source: RIPE # Filtered

route: 185.228.235.0/24
origin: AS43581
mnt-by: lir-ru-ztv2-1-MNT
created: 2025-09-02T17:59:27Z
last-modified: 2025-09-02T17:59:27Z
source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt


IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 13 threat reports