IPMediumSignal 63/100

`62.85.47.91`

Location

Latvia

Ogre, 067

ASN

AS12578

Microlink Latvia

First Seen

Mar 30, 2025

Last Seen

Feb 20, 2026

Mar 30

First Seen

436d ago

Feb 20

Last Seen

110d ago

Reports

source reports

63%

Confidence

medium

Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

63%

Signal Score

63 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

33 techniques

Network Information

Country

Latvia

RegionOgre, 067

ASNAS12578

OrganizationMicrolink Latvia

Feed Intelligence Summary

7 reports63% confidence

Source reports

63%

Confidence score

Category tags

abuseaccess controlactive scanningadbhoney honeypotattackbotnetbrute forcebrute force attackbrute force attemptcommand and controlcommand executioncommunication protocolconpot honeypotcowrie honeypotcredential accesscredential stuffingdata exfiltrationdatabase securityddos attacksdecoy systemdionaea honeypotdistributed attackselasticpot honeypotelasticsearch monitoringeuropeftp brute forceics securityindicatorindustrial control systemsinternet of thingsintrusion detectioniociot botnetiot/ics attacklatviamalicious activitymalicious network activitymalicious softwaremalwaremalware behaviourmalware capturemirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attacksprocess injectionprotocol exploitationreconnaissanceredis brute forceredis honeypotresearchedresource hijackingscanscannersecurity policysentrypeer botnetserver exploitationsftp attacksip brute forcesip scanningssh attackssh monitoringt1021t1021.002t1040t1041t1046t1055t1056.001t1059t1059.001t1059.005t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1204.002t1210t1486t1496t1499.001t1499.002t1499.003t1505.004t1565t1589t1595t1595.001t1595.002t1595.003tannertcp protocoltelecommunicationstelnet threatthreat actorthreat intelligencethreat preventionunauthorized access attemptsvoipvoip attack

Activity Timeline

1 total obs

Feb 20Feb 20

Threat Activity Heatmap

· Peak: 2026-02-20

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Threat ScoreMedium Risk

SIGNAL

Signal Score

63%

Confidence

Reports

First seenMar 30, 2025

Last seenFeb 20, 2026

GeolocationLV

CountryLatvia

LocationOgre, 067

ASNAS12578

OrgMicrolink Latvia

Coords56.8099, 24.7397

VirusTotal

Not checked

WHOIS

description: Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
references: https://github.com/telekom-security/tpotce

`62.85.47.91`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy