IOC Radar
IPMediumSignal 50/100

188.143.244.132

Location
Russian FederationRussian Federation
St Petersburg, St.-Petersburg
ASN
AS44050
Petersburg Internet Network LLC
First Seen
Apr 6, 2025
Last Seen
Apr 24, 2026
Apr 6
First Seen
448d ago
Apr 24
Last Seen
65d ago
14
Reports
source reports
50%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
50%
Signal Score
50 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

51 techniques

Network Information

CountryRURussian Federation
RegionSt Petersburg, St.-Petersburg
ASNAS44050
OrganizationPetersburg Internet Network LLC

Feed Intelligence Summary

14 reports50% confidence
14
Source reports
50%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney honeypotantispamapacheapache attackerattackauthentication attemptsbad reputationbad web botblacklisted ipbot trafficbotnetbotnet activitybotnet activity detectedbrute forcebrute force attackbrute force attemptsbrute-forcec2c2 communicationciscocisco brute forcecisco devicecisco exploitation attemptscommand & controlcommand and controlcommunication protocolcompromised devicecompromised hostcompromised hostscompromised systemcowriecowrie activitycowrie honeypotcowrie ssh attackscredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosddos attackdecoy systemdenial of servicedevice managementdionaeadionaea activitydionaea honeypotdionaea malware collectiondistributed attacksemailenterprise networkingeurope/asiaexploitexploitation activityftp brute forcehackinghoneytrap honeypotidentity & access exploitationindicatorinitial accessinjection activityintrusion detectionlamplamp exploitation attemptslog4jmailoney honeypotmalicious activitymalicious domainmalicious ip activitymalicious payloadmalicious sip activitymalicious softwaremalicious trafficmalwaremalware behaviourmalware capturemalware distributionnetworknetwork infrastructurenetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningnetwork trafficpassword attacksphishingphishing attackphishing trapprocess injectionransomwareratreconnaissanceremote accessremote servicesresearchedresource hijackingrussiarussian federationscannerscanning activityscripting attackssecurity operationssentrypeer activitysentrypeer botnetservice scansftpsftp access attemptssftp attacksipsip brute forcesip scanningsmtp probingsocial engineeringspamsshssh attackssh monitoringt1016t1021t1021.001t1021.004t1040t1041t1046t1055t1057t1059t1059.001t1059.004t1059.007t1068t1071t1071.001t1071.004t1076t1078t1078.001t1078.002t1078.003t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1497.001t1499t1499.001t1499.002t1499.003t1563t1565t1566t1566.001t1566.002t1566.003t1566.004t1573t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat actor activitythreat detectionthreat intelligencetor nodetpotunauthenticated access attemptsunauthorized access attemptvoipvoip attackweb app attackweb application attackweb attackweb exploitationweb spam

Activity Timeline

1 total obs
Apr 24Apr 24

Threat Activity Heatmap

· Peak: 2026-04-24
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
50
SIGNAL
Signal Score
50%
Confidence
14
Reports
First seenApr 6, 2025
Last seenApr 24, 2026
GeolocationRU
CountryRussian Federation
LocationSt Petersburg, St.-Petersburg
ASNAS44050
OrgPetersburg Internet Network LLC
Coords55.7386, 37.6068

VirusTotal

Not checked

WHOIS

raw
inetnum: 188.143.240.0 - 188.143.255.255 netname: PIN-HOMEUSERS descr: PIN-NET for FTTH clients country: RU admin-c: MNV32-RIPE tech-c: SEO-RIPE status: ASSIGNED PA mnt-by: MNT-PIN mnt-routes: MNT-PIN mnt-domains: MNT-PIN created: 2010-09-07T05:56:10Z last-modified: 2022-09-21T05:28:55Z source: RIPE person: Metluk Nikolay Valeryevich address: korp. 1a 40 Slavy ave., address: St.-Petersburg, Russia phone: +7 812 4483863 fax-no: +7 812 3093916 nic-hdl: MNV32-RIPE mnt-by: MNT-PIN created: 2007-11-08T00:04:35Z last-modified: 2012-01-04T07:11:49Z source: RIPE # Filtered person: Strukov Evgeny Olegovich address: Saint Petersburg, 192236 address: Sofiyskaya Ulitsa 48, Lit A, room 11H, office 11/1 phone: +7 812 6772525 nic-hdl: SEO-RIPE mnt-by: MNT-PIN created: 2007-11-21T20:44:31Z last-modified: 2025-06-05T21:25:47Z source: RIPE # Filtered route: 188.143.128.0/17 descr: Petersburg Internet Network LLC origin: as44050 mnt-by: MNT-PIN mnt-by: MNT-PINSUPPORT created: 2009-06-15T19:31:42Z last-modified: 2015-07-19T19:54:09Z source: RIPE
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://example.com

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 14 threat reports