IOC Radar
IPHighVerifiedSignal 67/100

82.117.65.21

Location
Russian FederationRussian Federation
Novosibirsk, Novosibirsk Oblast
ASN
AS25549
Closed Joint-stock company Avantel
First Seen
Apr 17, 2026
Last Seen
Apr 23, 2026
Apr 17
First Seen
57d ago
Apr 23
Last Seen
51d ago
4
Reports
source reports
67%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
67%
Signal Score
67 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryRURussian Federation
RegionNovosibirsk, Novosibirsk Oblast
ASNAS25549
OrganizationClosed Joint-stock company Avantel

Feed Intelligence Summary

4 reports67% confidence
4
Source reports
67%
Confidence score
Category tags
active scanbrute forcebrute force attackereurope/asiaindicatornetworkportscanresearchedrussiascannersservice scanvultr

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
67
SIGNAL
Signal Score
67%
Confidence
4
Reports
First seenApr 17, 2026
Last seenApr 23, 2026
Verified IOC
GeolocationRU
CountryRussian Federation
LocationNovosibirsk, Novosibirsk Oblast
ASNAS25549
OrgClosed Joint-stock company Avantel
Coords55.0455, 82.9028

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot
raw
inetnum: 82.117.64.0 - 82.117.95.255 netname: RU-AVANTEL-20040205 country: RU org: ORG-CJcA1-RIPE admin-c: LAB27-RIPE admin-c: AVN65-RIPE tech-c: SVS138-RIPE tech-c: AVN65-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-by: AVANTEL-MNT mnt-lower: AVANTEL-MNT mnt-routes: AVANTEL-MNT created: 2016-05-04T07:53:02Z last-modified: 2016-08-11T08:45:18Z source: RIPE # Filtered organisation: ORG-CJcA1-RIPE org-name: JSC Avantel country: RU org-type: LIR address: Skladochnaya str., 1, 15 address: 127018 address: Moscow address: RUSSIAN FEDERATION phone: +73833630909 fax-no: +73833630939 admin-c: SVS138-RIPE admin-c: LAB27-RIPE abuse-c: AR16568-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: AVANTEL-MNT mnt-ref: ROSNIIROS-MNT mnt-ref: ru-avm-1-mnt mnt-by: RIPE-NCC-HM-MNT mnt-by: AVANTEL-MNT created: 2008-04-24T12:04:02Z last-modified: 2022-03-21T06:04:53Z source: RIPE # Filtered person: NOC of AVANTEL address: JSC Avantel address: Russia, 630132, Novosibirsk address: Narymskaya str. 27 phone: +7 383 363 0909 fax-no: +7 383 363 0939 nic-hdl: AVN65-RIPE mnt-by: AVANTEL-MNT created: 2007-12-05T14:31:44Z last-modified: 2017-10-30T21:57:46Z source: RIPE # Filtered person: Lozhnikov Alexey address: JSC Avantel address: Russia, 630132, Novosibirsk address: Narymskaya str. 27 phone: +7 383 363 0909 fax-no: +7 383 363 0939 nic-hdl: LAB27-RIPE mnt-by: theone-mnt created: 2010-01-21T04:44:49Z last-modified: 2010-01-31T18:53:06Z source: RIPE person: Vladislav Shashkov address: Russia, 630132, Novosibirsk address: Narymskaya str. 27 mnt-by: SVS138-MNT phone: +7 383 363 0909 nic-hdl: SVS138-RIPE created: 2010-02-08T04:20:48Z last-modified: 2010-02-08T04:31:54Z source: RIPE route: 82.117.64.0/21 origin: AS25549 mnt-by: AVANTEL-MNT created: 2017-03-06T04:16:24Z last-modified: 2017-03-06T04:16:24Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 4 threat reports