IOC Radar
IP · Medium · Signal 67/100

84.252.75.95

Location: Russian Federation · Moscow, MOS
ASN: AS205090 (First Server Limited)
First Seen: Dec 23, 2024 (538d ago)
Last Seen: Feb 15, 2026 (119d ago)
Reports: 11 source reports
Confidence: 67% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 67%
Signal Score: 67 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

17 techniques

Network Information

Country: RU (Russian Federation)
Region: Moscow, MOS
ASN: AS205090
Organization: First Server Limited

Feed Intelligence Summary

Source reports: 11
Confidence score: 67%
Category tags: abuse, active scanning, attack, australia, authentication attack, auto-generated security, automated attack, botnet, brute force, brute force attempt, command and control, credential access, credential stuffing, data exfiltration, distributed attacks, europe/asia, indicator, malicious activity, malicious software, malware, network, network security, oceania, process injection, reconnaissance, remote access, researched, russia, russian federation, scanner, self-signed, ssh attack, t1055, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1486, t1496, t1499.002, t1499.003, t1565, t1589, t1589.002, t1595.001, t1595.002, t1595.003, threat actor

Activity Timeline

1 total obs (Feb 15)

Threat Activity Heatmap

Peak: 2026-02-15
[Heatmap: activity by weekday (Mon, Wed, Fri), Jun through Jun, scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: 67 (Medium Risk)
Signal Score: 67
Confidence: 67%
Reports: 11
First seen: Dec 23, 2024
Last seen: Feb 15, 2026
Geolocation: RU
Country: Russian Federation
Location: Moscow, MOS
ASN: AS205090
Org: First Server Limited
Coords: 55.9155, 37.8263

VirusTotal

Not checked

WHOIS

description: Host bruteforcing SSH
raw:

inetnum: 84.252.74.0 - 84.252.75.255
org: ORG-FA790-RIPE
geofeed: https://geofeed.first-server.net/fb_geofeed.csv
netname: FirstByte
country: RU
admin-c: FSD91-RIPE
tech-c: FSD91-RIPE
status: ASSIGNED PA
mnt-by: FIRSTBYTE-MNT
created: 2021-06-22T12:26:01Z
last-modified: 2025-02-06T13:13:50Z
source: RIPE

organisation: ORG-FA790-RIPE
org-name: FIRST SERVER LIMITED
country: GB
descr: Web Hosting Company
descr: VPS/VDS and Dedicated Servers in Europe, Asia and USA
org-type: OTHER
remarks: ***********************************************************
remarks: *** FIRST SERVER is a cloud web hosting company FIRSTBYTE.PRO/FIRSTBYTE.RU
remarks: *** We do service a lot of customers. Make sure you use correct email for your inquiry.
remarks: *** In case of network or spam issues write to audit(at)first-server[dot]net
remarks: *** For legal requests, LOA and others, please use: office(at)first-server[dot]net
remarks: *** Office hours from 10am to 4pm (UTC+0)
remarks: *** For customers support please use support(at)firstbyte[dot]pro
remarks: *** Support team is on duty 24/7
remarks: ***********************************************************
address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
phone: +44-203-769-1856
abuse-c: ACRO3704-RIPE
mnt-ref: FIRSTBYTE-MNT
mnt-ref: AZERONLINE-MNT
mnt-ref: MNT-AWMLT
mnt-ref: uk-tech-mnt
mnt-by: FIRSTBYTE-MNT
created: 2017-01-23T18:26:17Z
last-modified: 2025-03-18T00:08:59Z
source: RIPE # Filtered

role: FIRST SERVER SALES DEPARTMENT
remarks: FIRST SERVER cloud service provider
remarks: Techincal support department available at [email protected]
remarks: Please email to [email protected] in case of any issues.
address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
phone: +44-203-769-18-56
nic-hdl: FSD91-RIPE
mnt-by: FIRSTBYTE-MNT
created: 2022-06-23T10:59:47Z
last-modified: 2024-03-02T10:27:11Z
source: RIPE # Filtered

route: 84.252.75.0/24
origin: AS205090
mnt-by: FIRSTBYTE-MNT
created: 2021-07-07T18:53:42Z
last-modified: 2024-03-04T06:33:31Z
source: RIPE

references: https://redpiranha.net

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 11 threat reports