IOC Radar
IPMediumSignal 100/100

84.201.246.84

Location
RussiaRussia
Izhevsk, Udmurtiya Republic
ASN
AS34590
JSC "ER-Telecom Holding" Izhevsk branch
First Seen
Oct 7, 2024
Last Seen
Jan 30, 2026
Oct 7
First Seen
613d ago
Jan 30
Last Seen
133d ago
12
Reports
source reports
99%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Network Information

CountryRURussia
RegionIzhevsk, Udmurtiya Republic
ASNAS34590
OrganizationJSC "ER-Telecom Holding" Izhevsk branch

Feed Intelligence Summary

12 reports99% confidence
12
Source reports
99%
Confidence score
Category tags
abuseaccess controlactive scanningattackbotnetbrute forcebrute force attackcisco devicecommand and controlcommunication protocolcommunication technologiescompromised hostcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationddosddos attackddos attacksdecoy systemdenial of servicedevice managementdionaea honeypotdistributed attacksenterprise networkingeurope/asiaexfiltrationexploit attemptsfin scanftp brute forcehackinghoneytrap honeypothttp brute forceindicatorinfrastructure acquisitionreconnaissanceinternet of thingsintrusion detectioniociot botnetiot/ics attackkfsensor honeypotlamplateral movementloginmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware propagationmalware scanningmanualmirai botnetmobile carriersmobile networksnetworknetwork attacksnetwork infrastructurenetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnull scanpassword attacksphishing attackpossible vulnerability scanningprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedrurussiarussian federationscanscannersecurity policyservice discoverysftp attacksmtp brute forcesocial engineeringsocradar honeypotsql injection attemptsssh attackssh monitoringsyn scant1021t1021.001t1040t1041t1046t1055t1059t1071t1071.001t1076t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1203t1204.002t1210t1486t1496t1497t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1573t1587.001t1588t1589t1589.002t1590.001t1595t1595.001t1595.002t1595.003tcp protocoltcp/23telecom servicestelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventionudp port scanweb application attackweb exploitationxmas scan

Activity Timeline

1 total obs
Jan 30Jan 30

Threat Activity Heatmap

· Peak: 2026-01-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
12
Reports
First seenOct 7, 2024
Last seenJan 30, 2026
GeolocationRU
CountryRussia
LocationIzhevsk, Udmurtiya Republic
ASNAS34590
OrgJSC "ER-Telecom Holding" Izhevsk branch
Coords56.8501, 53.1937

VirusTotal

Not checked

WHOIS

raw
inetnum: 84.201.240.0 - 84.201.247.255 netname: ERTH-IZH-PPPOE-16-NET descr: JSC "ER-Telecom Holding" Izhevsk branch descr: Izhevsk, Russsia descr: Idividual PPPoE customers country: RU admin-c: RAID1-RIPE org: ORG-UIC1-RIPE tech-c: RAID1-RIPE status: ASSIGNED PA mnt-by: RAID-MNT created: 2015-12-22T09:47:50Z last-modified: 2015-12-22T09:47:50Z source: RIPE # Filtered remarks: INFRA-AW organisation: ORG-UIC1-RIPE org-name: JSC "ER-Telecom Holding" Izhevsk branch org-type: OTHER address: 111, Molodezhnaya str. address: Izhevsk, Russia, 426054 phone: +7 3412 916 777 phone: +7 3412 435434 fax-no: +7 3412 435434 admin-c: RAID1-RIPE tech-c: RAID1-RIPE abuse-c: RAID1-RIPE mnt-ref: RAID-MNT mnt-by: RAID-MNT created: 2004-11-09T15:16:43Z last-modified: 2019-10-15T08:13:33Z source: RIPE # Filtered role: ER-Telecom ISP Contact Role address: JSC "ER-Telecom" address: 111, str. Shosse Kosmonavtov address: 614000 Perm address: Russian Federation phone: +7 342 2462233 fax-no: +7 342 2463344 abuse-mailbox: [email protected] remarks: 24/7 phone number: +7-342-2362233 admin-c: AAS585-RIPE admin-c: SAWJ-RIPE tech-c: AAS585-RIPE tech-c: SAWJ-RIPE nic-hdl: RAID1-RIPE mnt-by: RAID-MNT created: 2005-02-11T12:50:50Z last-modified: 2024-07-24T09:39:40Z source: RIPE # Filtered route: 84.201.246.0/24 origin: AS34590 org: ORG-UIC1-RIPE descr: CJSC "ER-Telecom Holding" Izhevsk branch descr: Izhevsk, Russia mnt-by: RAID-MNT created: 2013-04-25T10:23:06Z last-modified: 2013-04-25T10:23:06Z source: RIPE organisation: ORG-UIC1-RIPE org-name: JSC "ER-Telecom Holding" Izhevsk branch org-type: OTHER address: 111, Molodezhnaya str. address: Izhevsk, Russia, 426054 phone: +7 3412 916 777 phone: +7 3412 435434 fax-no: +7 3412 435434 admin-c: RAID1-RIPE tech-c: RAID1-RIPE abuse-c: RAID1-RIPE mnt-ref: RAID-MNT mnt-by: RAID-MNT created: 2004-11-09T15:16:43Z last-modified: 2019-10-15T08:13:33Z source: RIPE # Filtered
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 12 threat reports