IOC Radar
IP · Medium · Signal 48/100

195.58.52.48

Location
Kazakhstan
Astana, Astana
ASN
AS41798
Big Data Host LLC
First Seen
Dec 20, 2023
Last Seen
Jun 8, 2026
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
48%
Signal Score
48 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: KZ (Kazakhstan)
Region: Astana, Astana
ASN: AS41798
Organization: Big Data Host LLC

Feed Intelligence Summary

6 source reports · 48% confidence score
Category tags
active scan, active scanning, asia, australia, botnet, botnet activity, brute force, brute force attack, brute force attacks, brute force attempts, command and control, command injection, communication protocol, compromised host, cowrie, cowrie honeypot, credential access, credential attack, credential stuffing, data encryption, data exfiltration, data store exposure, database security, ddos, decoy system, denial of service, dionaea, dionaea honeypot, dionaea payloads, distributed attacks, dns, dns attack, encryption, europe, exploit, exploit attempts, exploitation activity, exploitation attempt, external threat, fatt, fatt detections, ftp, ftp brute force, hacking, honeytrap events, honeytrap honeypot, http attack, http brute force, http scanner, identity & access exploitation, indicator, initial access, initiator ip, injection activity, injection attacks, internet-facing, intrusion detection, ioc, kazakhstan, lateral movement, mailoney events, mailoney honeypot, malicious activity, malicious software, malicious traffic, malware, malware behaviour, malware capture, malware delivery attempt, malware distribution, malware propagation, malware scanning, network, network attacks, network intrusion, network intrusion attempts, network probing, network protocol, network reconnaissance, network scanning, network security, network service scanning, oceania, p0f, p0f signatures, password attacks, phishing, phishing attack, phishing trap, process injection, protocol exploitation, ransomware, reconnaissance, remote access, remote access attack, remote services, researched, resource hijacking, scanner, scanning activity, security operations, sensor-tagged, sentrypeer botnet, sentrypeer events, server exploitation, service scan, smtp, smtp attack, smtp brute force, sql injection, sql injection attempts, ssh attack, ssh monitoring, suricata alerts, t1021, t1021.001, t1021.002, t1021.004, t1040, t1046, t1055, t1059, t1059.003, t1071, t1071.001, t1076, t1077, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1189, t1190, t1199, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.002, t1563, t1565, t1588, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner events, targeting database, tcp protocol, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, tpot, united kingdom, vnc protocol, voip, voip attack, web traffic

Activity Timeline

1 total obs (Jun 8 to Jun 8)

Threat Activity Heatmap

Peak: 2026-06-08
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 48 (Medium Risk)
Coords: 51.1876, 71.4491

VirusTotal

Not checked

WHOIS

description
Observed on T-Pot within last 24h; sensors=p0f; threshold?1; private IPs excluded. geo=KZ; ports=80 Location=Sydney, Australia.
raw
inetnum: 195.58.52.0 - 195.58.52.255
netname: AST-KZ-BDH
country: KZ
org: ORG-BDHL1-RIPE
admin-c: BDHL1-RIPE
tech-c: BDHL1-RIPE
mnt-domains: MTF-MNT
mnt-routes: MTF-MNT
status: ASSIGNED PA
mnt-by: interlir-mnt
created: 2022-12-20T15:36:52Z
last-modified: 2024-06-12T17:43:48Z
source: RIPE

organisation: ORG-BDHL1-RIPE
org-name: Big Data Host LLC
country: RU
address: Sevastopolskiy pr-kt, d. 9, korp. 2, p. I, k. 2a
address: 117152 Moscow
address: Russia
abuse-c: BDHL1-RIPE
mnt-ref: RELCOMHOST-MNT
mnt-ref: interlir-mnt
mnt-ref: IP-RIPE
mnt-by: IP-RIPE
org-type: OTHER
created: 2018-03-15T17:08:54Z
last-modified: 2024-06-10T10:07:17Z
source: RIPE # Filtered

role: Big Data Host LLC
nic-hdl: BDHL1-RIPE
address: Sevastopolskiy pr-kt, d. 9, korp. 2, p. I, k. 2a
address: 117152 Moscow
address: Russia
abuse-mailbox: [email protected]
mnt-by: IP-RIPE
created: 2019-01-22T17:03:02Z
last-modified: 2024-03-07T17:10:51Z
source: RIPE # Filtered

route: 195.58.52.0/24
origin: AS41798
mnt-by: RELCOMHOST-MNT
created: 2023-03-30T10:06:51Z
last-modified: 2023-03-30T10:06:51Z
source: RIPE

IOC Journey

medium
First detected 2 years ago · Last seen 18 days ago
Appeared in 6 threat reports