IOC Radar
IP · Medium · Signal 60/100

188.116.180.189

Location: Oryol, ORL, Russian Federation
ASN: AS34629 (Resurs-Svyaz Ltd.)
First Seen: Jan 24, 2025 (505d ago)
Last Seen: Jan 23, 2026 (142d ago)
Reports: 7 source reports
Confidence: 60% (medium)
VirusTotal: 1/91 detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 60%
Signal Score: 60 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

30 techniques

Network Information

Country: RU, Russian Federation
Region: Oryol, ORL
ASN: AS34629
Organization: Resurs-Svyaz Ltd.

Feed Intelligence Summary

Source reports: 7
Confidence score: 60%
Category tags: abuse, active scanning, botnet, brute force, brute force attack, command and control, communication technologies, credential access, credential stuffing, data exfiltration, ddos, decoy system, denial of service, distributed attacks, europe/asia, exploit attempts, ftp brute force, http brute force, indicator, lateral movement, login, malicious activity, malicious software, malware, malware propagation, malware scanning, mobile carriers, mobile networks, network, network probing, network scanning, network security, password attacks, process injection, protocol exploitation, reconnaissance, remote access, remote services, researched, ru, russia, russian federation, scanner, smtp brute force, sql injection attempts, ssh attack, t1021, t1021.001, t1040, t1046, t1055, t1059, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1210, t1486, t1496, t1499.002, t1499.003, t1563, t1565, t1588, t1595, t1595.001, t1595.002, t1595.003, telecom services, telecommunications, telnet threat, threat actor, threat intelligence

Activity Timeline

1 total obs (Jan 23 to Jan 23)

Threat Activity Heatmap

Peak: 2026-01-23
[Heatmap: activity by weekday (Mon, Wed, Fri) and month, Jun through Jun; scale from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC) represents a significant and active threat to organizational security. The IP address 188.116.180.189 has been observed engaging in aggressive network scanning and brute-force attempts, as evidenced by its inclusion in multiple high-reputation threat intelligence feeds and detection in honeypot logs. Such activity indicates a deliberate effort by malicious actors to identify and exploit vulnerabilities, potentially leading to unauthorized access, data exfiltrat…

Threat Score: Medium Risk
Signal Score: 60
Confidence: 60%
Reports: 7
First seen: Jan 24, 2025
Last seen: Jan 23, 2026
Geolocation: RU
Country: Russian Federation
Location: Oryol, ORL
ASN: AS34629
Org: Resurs-Svyaz Ltd.
Coords: 52.9640, 36.0744

VirusTotal

1/91 vendors flagged
1% detection rate · Jun 3, 2026

WHOIS

inetnum: 188.116.160.0 - 188.116.191.0
netname: ORNRUNET
remarks: INFRA-AW
descr: Resurs-Svyaz Ltd.
descr: Orel, Russia
descr: Home networks direct access (/19)
country: RU
admin-c: AAM35-RIPE
tech-c: IVS21-RIPE
tech-c: AAM35-RIPE
tech-c: IAN350-RIPE
status: ASSIGNED PA
mnt-by: ORNRU-MNT
created: 2010-06-25T05:09:56Z
last-modified: 2011-07-27T14:36:24Z
source: RIPE # Filtered

person: Andrew A Melnikow
address: Russia 302040 Orel
address: Leskova st. 19
mnt-by: ORNRU-MNT
phone: +7 4862 402006
fax-no: +7 4862 414141
nic-hdl: AAM35-RIPE
created: 1970-01-01T00:00:00Z
last-modified: 2014-07-14T09:04:32Z
source: RIPE # Filtered

person: Aleksander N. Ivanov
address: Russia 302000 Orel
mnt-by: ORNRU-MNT
remarks: phone: +7 0862 409696
phone: +7 4862 409696
nic-hdl: IAN350-RIPE
created: 2004-12-28T11:48:05Z
last-modified: 2005-12-16T19:34:51Z
source: RIPE # Filtered
remarks: modified for Russian phone area changes

person: Ilya V. Savin
address: Russia 302000 Orel
mnt-by: ORNRU-MNT
phone: +7 4862 402006
nic-hdl: IVS21-RIPE
created: 2007-01-29T08:30:50Z
last-modified: 2013-06-07T05:36:37Z
source: RIPE # Filtered

route: 188.116.128.0/18
descr: JSC Resource-Sviaz Home Networks
origin: AS34629
mnt-by: ORNRU-MNT
created: 2009-06-08T11:26:04Z
last-modified: 2009-06-08T11:26:04Z
source: RIPE

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 7 threat reports