IOC Radar
IP | Medium | Signal 70/100

91.238.168.165

Location: Russian Federation (Tolyatti, Samara Oblast)
ASN: AS43273 (Optik Line LLC)
First Seen: Apr 16, 2026 (71d ago)
Last Seen: Apr 24, 2026 (64d ago)
Reports: 7 source reports
Confidence: 70% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 70%
Signal Score: 70 / 100
IDS Rule: No
Threat Context
Tags

Network Information

Country: RU (Russian Federation)
Region: Tolyatti, Samara Oblast
ASN: AS43273
Organization: Optik Line LLC

Feed Intelligence Summary

Source reports: 7
Confidence score: 70%
Category tags: abuse, active scan, apt, bad reputation, brute force, brute force attacker, cowrie, dionaea, europe/asia, fatt, indicator, network, p0f, portscan, researched, russia, scanner, scanners, self-signed, sensor-tagged, service scan, tanner, threat actor, tor node, tpot, vultr

Activity Timeline

1 total obs
Apr 24

Threat Activity Heatmap

[Heatmap: activity by weekday and month, Jun through Jun. Peak: 2026-04-24]
Activity by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 0 (Dormant); 3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 70
Confidence: 70%
Reports: 7
First seen: Apr 16, 2026
Last seen: Apr 24, 2026
Geolocation: RU
Country: Russian Federation
Location: Tolyatti, Samara Oblast
ASN: AS43273
Org: Optik Line LLC
Coords: 53.5085, 49.4182

VirusTotal

Not checked

WHOIS

description: IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot
raw:

inetnum: 91.238.168.0 - 91.238.171.255
geoloc: 53.52198926800451 49.16173696517944
netname: OPTIKLINE-NET
descr: Optik Line LLC
country: RU
org: ORG-OLL14-RIPE
admin-c: DG10528-RIPE
tech-c: DG10528-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: MNT-OPTIKLINE
mnt-routes: MNT-OPTIKLINE
mnt-domains: MNT-OPTIKLINE
created: 2012-04-17T11:24:41Z
last-modified: 2024-09-27T12:40:18Z
source: RIPE # Filtered
remarks: Geofeed http://optikline.com/optikline.com.geofeed.csv

organisation: ORG-OLL14-RIPE
org-name: Optik Line LLC
country: RU
org-type: LIR
address: Izumrudnaya str. 1
address: 445143
address: s. Podstepki, Samarskaya obl.
address: RUSSIAN FEDERATION
phone: +78482939111
admin-c: DG10528-RIPE
tech-c: DG10528-RIPE
abuse-c: AR36236-RIPE
mnt-ref: MNT-OPTIKLINE
mnt-by: RIPE-NCC-HM-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: MNT-OPTIKLINE
created: 2016-04-28T07:52:52Z
last-modified: 2022-01-27T06:16:00Z
source: RIPE # Filtered

person: Dmitry Gureanov
address: Izumrudnaya str. 1
address: 445143
address: s. Podstepki, Samarskaya obl.
address: RUSSIAN FEDERATION
phone: +78482939111
nic-hdl: DG10528-RIPE
mnt-by: MNT-OPTIKLINE
created: 2016-04-28T07:52:52Z
last-modified: 2016-04-28T07:52:52Z
source: RIPE

route: 91.238.168.0/22
descr: Net of Optik Line Ltd
origin: AS43273
mnt-by: MNT-OPTIKLINE
created: 2012-05-03T15:02:10Z
last-modified: 2013-12-11T08:59:30Z
source: RIPE

IOC Journey

medium
First detected 2 months ago · Last seen 2 months ago
Appeared in 7 threat reports