IOC Radar
IP · Medium · Signal 48/100

81.177.140.54

Location
Russian Federation
Moscow, Moscow
ASN
AS8342
Avguro Technologies Ltd.
First Seen
Apr 9, 2025
Last Seen
Apr 1, 2026
First Seen: Apr 9 (444d ago)
Last Seen: Apr 1 (86d ago)
Reports: 12 source reports
Confidence: 48% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

32 techniques

Network Information

Country: RU, Russian Federation
Region: Moscow, Moscow
ASN: AS8342
Organization: Avguro Technologies Ltd.

Feed Intelligence Summary

Source reports: 12
Confidence score: 48%
Category tags
abuse, active scan, active scanning, apache, apache attacker, attack, auto-generated security, automated attack, bad reputation, bad web bot, botnet, botnet activity, brute force, brute force attack, brute force attempts, command and control, communication protocol, cowrie activity, cowrie honeypot, credential access, credential stuffing, data exfiltration, data store expose, ddos, decoy system, denial of service, dionaea activity, dionaea honeypot, distributed attacks, europe/asia, exploitation, exploitation activity, ftp brute force, heralding activity, identity & access exploitation, indicator, initial access, injection activity, lateral movement, malicious activity, malicious software, malware, malware behaviour, malware capture, network, network probing, network scanning, network security, network service scanning, password attacks, process injection, reconnaissance, researched, resource hijacking, russia, russian federation, scanner, sentrypeer activity, sentrypeer botnet, service scan, sftp activity, sftp attack, shell access attempts, sip brute force, ssh attack, ssh monitoring, t1021, t1021.001, t1021.004, t1021.005, t1040, t1041, t1046, t1055, t1059, t1059.004, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, tanner, telecommunications, threat actor, threat intelligence, tor node, voip, voip attack, web application attack, web exploitation

Activity Timeline

1 total obs
Apr 1

Threat Activity Heatmap

Peak: 2026-04-01
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 48
Confidence: 48%
Reports: 12
First seen: Apr 9, 2025
Last seen: Apr 1, 2026
Geolocation: RU
Country: Russian Federation
Location: Moscow, Moscow
ASN: AS8342
Org: Avguro Technologies Ltd.
Coords: 55.7523, 37.6155

VirusTotal

Not checked

WHOIS

description
2025-05-08T07:07:31.915Z Honeypot : Tanner : Source: 81.177.140.54 : Port: 80 Post Data: {'response': {'message': {'sess_uuid': 'eb7ba82f-a1f1-4670-a870-9da01758c0a5', 'detection': {'type': 1, 'version': '0.6.0', 'order': 1, 'name': 'index'}}}, 'version': '0.6.0'}
raw
inetnum: 81.177.140.0 - 81.177.140.255
netname: AVGURO-NET
descr: Avguro Technologies Ltd. Hosting service provider
descr: Moscow, Russia
remarks: ***********************************
remarks: Abuse and spam reports
remarks: email: [email protected]
remarks: telephone: +7 495 2293031
remarks:
country: RU
admin-c: SU407-RIPE
tech-c: SU407-RIPE
abuse-c: ATA95-RIPE
status: ASSIGNED PA
mnt-by: AS8342-MNT
created: 2011-10-06T09:20:42Z
last-modified: 2018-12-11T16:38:30Z
source: RIPE # Filtered

person: Sergey Ulyashin
address: Avguro Technologies Ltd.
address: 18, 912, Yunnatov str.
address: 127083, Moscow, Russia
phone: +74952293031
fax-no: +74952293031
nic-hdl: SU407-RIPE
created: 2007-08-07T13:30:58Z
last-modified: 2020-06-04T12:20:02Z
source: RIPE # Filtered
mnt-by: AS8342-MNT

route: 81.177.128.0/19
descr: RTCOMM-RU
origin: AS8342
mnt-by: AS8342-MNT
created: 2015-03-05T10:00:46Z
last-modified: 2015-03-05T10:00:46Z
source: RIPE
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 12 threat reports