IOC Radar
IP · High · Verified · Signal 86/100

31.132.90.3

Location
Kazakhstan
Astana, Astana
ASN
AS197556
Customers FTTB
First Seen
Jun 3, 2026
Last Seen
Jun 22, 2026
Found in 68 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
95%
Signal Score
86 / 100
IDS Rule
Yes
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

Country: KZ, Kazakhstan
Region: Astana, Astana
ASN: AS197556
Organization: Customers FTTB

Feed Intelligence Summary

68 reports · 95% confidence
Abuse.ch ThreatFox · Today · 3155 IOCs in report
Abuse.ch ThreatFox · Today · 3158 IOCs in report
Abuse.ch ThreatFox · Today · 3192 IOCs in report
Abuse.ch ThreatFox · Today · 3190 IOCs in report
Abuse.ch ThreatFox · Today · 3189 IOCs in report
Abuse.ch ThreatFox · Today · 3184 IOCs in report
Abuse.ch ThreatFox · Today · 3181 IOCs in report
Abuse.ch ThreatFox · Today · 3181 IOCs in report
Abuse.ch ThreatFox · Today · 3180 IOCs in report
Abuse.ch ThreatFox · Today · 3177 IOCs in report

Activity Timeline

48 total obs

Threat Activity Heatmap

Peak: 2026-06-21
24h: 6 (Moderate)
7d: 48 (Critical)
30d: 48 (Critical)
3mo: 48 (Critical)
Threat Score: High Risk
Signal Score: 86
Confidence: 95%
Reports: 68
First seen: Jun 3, 2026
Last seen: Jun 22, 2026
Verified IOC
Geolocation: KZ
Country: Kazakhstan
Location: Astana, Astana
ASN: AS197556
Org: Customers FTTB
Coords: 51.1394, 71.4471

VirusTotal

Not checked

WHOIS

description
Score: 100/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:ddos, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:port-scan. Attacker IP 31.132.90.3 observed using HTTP client fingerprint 'HTTP Client: libredtail-http' 39 times when connecting to db4lamedtech between 2026-06-04 10:18 and 2026-06-04 10:18 UTC.
raw
inetnum: 31.132.88.0 - 31.132.95.255
netname: Customers_FTTB
country: KZ
admin-c: NS3789-RIPE
tech-c: AP27236-RIPE
status: ASSIGNED PA
mnt-by: TNSPLUS-MNT
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2018-04-12T10:03:32Z
last-modified: 2018-04-12T10:03:32Z
source: RIPE

person: Artyom Pilipenko
address: st. Kadergaly Galairy 2
phone: +77273500606
nic-hdl: AP27236-RIPE
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2017-04-07T04:22:24Z
last-modified: 2017-04-07T04:22:24Z
source: RIPE

person: Natalya Sommer
address: Kadyrgali Zhalaiyri str., 2
address: 010010 Astana
address: Kazakhstan
phone: +77273500115
nic-hdl: NS3789-RIPE
mnt-by: TNSPLUS-MNT
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2011-06-08T05:37:53Z
last-modified: 2018-04-12T08:33:24Z
source: RIPE # Filtered

route: 31.132.90.0/24
origin: AS206026
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2022-02-23T04:56:17Z
last-modified: 2022-02-23T04:56:17Z
source: RIPE

IOC Journey

high
First detected 18 days ago · Last seen today
Appeared in 68 threat reports from 10 sources
Associated with: Akira, LockBit, Kimsuky
Used by malware: Pegasus, NetWire, Mozi, SocGholish, XMRig, Remcos, Akira, Rhysida, XorDDoS, Nanocore, NjRAT, WannaCry, AsyncRAT, Stealc, Mirai, Vidar, Metasploit, Sliver, Havoc, LockBit