IOC Radar
IP · High · Verified · Signal 86/100

31.132.90.3

Location: Kazakhstan (Astana, Astana)
ASN: AS197556 (Customers FTTB)
First Seen: Jun 3, 2026 (17d ago)
Last Seen: Jun 21, 2026 (today)
Reports: 44 source reports
Confidence: 95% (high)
Found in 44 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 95%
Signal Score: 86 / 100
IDS Rule: Yes
Threat Context

MITRE ATT&CK TTPs

10 techniques

Network Information

Country: KZ (Kazakhstan)
Region: Astana, Astana
ASN: AS197556
Organization: Customers FTTB

Feed Intelligence Summary

44 reports · 95% confidence
Abuse.ch ThreatFox · Today · 2770 IOCs in report
Abuse.ch ThreatFox · Today · 2766 IOCs in report
Abuse.ch ThreatFox · Today · 2768 IOCs in report
Abuse.ch ThreatFox · Today · 2768 IOCs in report
Abuse.ch ThreatFox · Today · 2768 IOCs in report
Abuse.ch ThreatFox · Today · 2767 IOCs in report
Abuse.ch ThreatFox · Today · 2626 IOCs in report
Abuse.ch ThreatFox · Today · 2625 IOCs in report
Abuse.ch ThreatFox · Today · 2628 IOCs in report
Abuse.ch ThreatFox · Today · 2628 IOCs in report

Activity Timeline

24 total obs · Jun 21, Jun 20

Threat Activity Heatmap

[Calendar heatmap: rows by weekday, columns by month (Jun to Jun), shaded from Less to More]
24h: 6 (Moderate)
7d: 24 (Critical)
30d: 24 (Critical)
3mo: 24 (Critical)
Threat Score: High Risk
Signal Score: 86
Confidence: 95%
Reports: 44
First seen: Jun 3, 2026
Last seen: Jun 21, 2026
Verified IOC
Geolocation: KZ
Country: Kazakhstan
Location: Astana, Astana
ASN: AS197556
Org: Customers FTTB
Coords: 51.1394, 71.4471

VirusTotal

Not checked

WHOIS

description
Score: 100/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:ddos, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:port-scan. Attacker IP 31.132.90.3 observed using HTTP client fingerprint 'HTTP Client: libredtail-http' 39 times when connecting to db4lamedtech between 2026-06-04 10:18 and 2026-06-04 10:18 UTC.
raw
inetnum: 31.132.88.0 - 31.132.95.255
netname: Customers_FTTB
country: KZ
admin-c: NS3789-RIPE
tech-c: AP27236-RIPE
status: ASSIGNED PA
mnt-by: TNSPLUS-MNT
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2018-04-12T10:03:32Z
last-modified: 2018-04-12T10:03:32Z
source: RIPE

person: Artyom Pilipenko
address: st. Kadergaly Galairy 2
phone: +77273500606
nic-hdl: AP27236-RIPE
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2017-04-07T04:22:24Z
last-modified: 2017-04-07T04:22:24Z
source: RIPE

person: Natalya Sommer
address: Kadyrgali Zhalaiyri str., 2
address: 010010 Astana
address: Kazakhstan
phone: +77273500115
nic-hdl: NS3789-RIPE
mnt-by: TNSPLUS-MNT
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2011-06-08T05:37:53Z
last-modified: 2018-04-12T08:33:24Z
source: RIPE # Filtered

route: 31.132.90.0/24
origin: AS206026
mnt-by: kz-ipnet-kar-tel-1-mnt
created: 2022-02-23T04:56:17Z
last-modified: 2022-02-23T04:56:17Z
source: RIPE

IOC Journey

high
First detected 17 days ago · Last seen today
Appeared in 44 threat reports from 10 sources
Associated with: LockBit, Akira, Kimsuky
Used by malware: Mozi, SocGholish, XMRig, Remcos, Akira, Rhysida, XorDDoS, Pegasus, NetWire, Nanocore, NjRAT, WannaCry, AsyncRAT, Stealc, Mirai, Vidar, Metasploit, Sliver, Havoc, LockBit