IP · Medium · Signal 53/100
81.198.64.158
Location
Riga, JUR
ASN
AS12578
Bridge Group
First Seen
Jan 7, 2024
Last Seen
May 10, 2026
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
53%
Signal Score
53 / 100
IDS Rule
No
Network Information
Country
Latvia
Region
Riga, JUR
ASN
AS12578
Organization
Bridge Group
Feed Intelligence Summary
11 reports · 53% confidence
11
Source reports
53%
Confidence score
Category tags
abuse, access, account compromise, active scan, active scanning, adbhoney activity, adbhoney honeypot, attack, australia, auto-generated security, automated attack, automated_attack, bad ip's, bad reputation, bad web bot, botnet, botnet activity, botnet attack traffic, brute, brute force, brute force attack, brute force attacker, brute force attacks, brute force attempt, brute_force, cisco device, cisco exploitation attempts, civil services, cloud infrastructure, cloud infrastructure attack, cloud services, command & control, command and control, communication protocol, compromised host, conpot honeypot, cowrie, cowrie activity, cowrie attack, cowrie honeypot, credential access, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, database attacks, database exploitation attempt, database security, ddos, decoy system, denial of service, device management, dictionary attack, dionaea, dionaea activity, dionaea attack, dionaea honeypot, distributed attacks, elasticpot honeypot, elasticsearch monitoring, email, encryption, enterprise networking, europe, exploit, exploit attempt, exploit attempts, exploitation activity, exploitation attempt, exploited host, fatt, ftp, ftp brute force, ftp brute-force, github, government technology, groups, hacking, honeytrap activity, honeytrap honeypot, http c2, http scanner, http scanning, https, ics security, identity & access exploitation, index, indicator, industrial control systems, information technology, initial access, initial_access, injection activity, injection attacks, internet-facing service, internet_wide_scan, intrusion detection, iocs, iot attacks, iot botnet, iot device targeting, iot security, iot/ics attack, ipphoney honeypot, ipv4, ipv4_indicators, it infrastructure, lamp, lamp attack, lamp stack attack, lamp stack targeting, lateral movement, latvia, linux_server_attacks, lv, mailoney activity, mailoney honeypot, malicious activity, malicious payload detection, malicious software, malware, malware activity, malware behaviour, malware capture, malware detection, malware distribution, malware_activity, network, network enumeration, network infrastructure, network intrusion attempts, network probing, network protocol, network scanning, network security, network_intrusion, oceania, p0f, password attacks, phishing, phishing attack, phishing trap, process injection, protocol exploitation, public administration, public infrastructure, public policy, python, ransomware, reconnaissance, redis honeypot, regulatory agencies, remote access, remote services, researched, resource hijacking, scanner, scanners, scanning activity, script, scripting attacks, security operations, sensor-tagged, sentrypeer activity, sentrypeer botnet, server exploitation, sftp, sftp activity, sftp attack, shell access attempts, sip, sip attacks, sip brute force, sip scanning, slug, social engineering, software development, spam, sql injection, ssh, ssh attack, ssh brute-force, ssh monitoring, surface web, system discovery, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.004, t1059.007, t1071, t1071.001, t1076, t1077, t1078, t1078.001, t1078.004, t1090, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1568.001, t1573, t1588.004, t1590, t1590.004, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner attack, targeting database, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat_activity, tor node, tpot, tpotce, unknown threat actor, vnc protocol, voip, voip attack, vulnerability scan, vulnerability-exploitation, web application attack, web application attacks, web attack, web exploitation, web spam, web traffic, web_attack
Activity Timeline
May 10
Threat Activity Heatmap
Peak: 2026-05-10
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat Score
Medium Risk
53
SIGNAL
Signal Score
53%
Confidence
11
Reports
First seen
Jan 7, 2024
Last seen
May 10, 2026
Geolocation
LV
Country
Latvia
Location
Riga, JUR
ASN
AS12578
Org
Bridge Group
Coords
56.9575, 23.7467
VirusTotal
Not checked
WHOIS
- description
- Imported indicator
- raw
- inetnum: 81.198.64.1 - 81.198.67.255
  netname: APOLLO-BRIDGE-GROUP-BUSINESS-CUSTOMERS
  descr: BRIDGE GROUP BUSINESS CUSTOMERS
  descr: Riga
  country: LV
  admin-c: LTC777-RIPE
  tech-c: LTC777-RIPE
  status: ASSIGNED PA
  mnt-by: LTK
  created: 2011-08-09T18:00:30Z
  last-modified: 2011-08-09T18:00:30Z
  source: RIPE # Filtered

  role: LTC Hostmaster
  address: SIA Tet
  address: Dzirnavu Street 105
  address: LV-1011 Riga
  address: LATVIA
  phone: +371-80008098
  abuse-mailbox: [email protected]
  remarks: trouble: information: https://www.tet.lv/par-tet/par-mums/kontakti
  remarks: trouble: Abuse reports -- mailto:[email protected]
  admin-c: JJ777-RIPE
  tech-c: JJ777-RIPE
  tech-c: ZZ666-RIPE
  nic-hdl: LTC777-RIPE
  mnt-by: LTK
  created: 2009-10-23T11:15:53Z
  last-modified: 2019-07-03T12:53:47Z
  source: RIPE # Filtered

  route: 81.198.0.0/16
  descr: Lattelekom
  origin: AS12578
  mnt-by: AS6747-MNT
  mnt-by: LTK
  created: 2002-10-02T12:41:16Z
  last-modified: 2009-10-05T11:17:22Z
  source: RIPE
- references
- https://github.com/telekom-security/tpotce
IOC Journey
medium · First detected 2 years ago · Last seen 1 month ago
Appeared in 11 threat reports