IOC Radar
IP · Medium · Signal 87/100

89.108.113.48

Location: Russian Federation (Moscow, Moscow)
ASN: AS197695, "Domain names registrar REG.RU", Ltd
First Seen: Apr 15, 2026 (63d ago)
Last Seen: May 30, 2026 (17d ago)
Reports: 10 source reports
Confidence: 87% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 87%
Signal Score: 87 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

8 techniques

Network Information

Country: RU (Russian Federation)
Region: Moscow, Moscow
ASN: AS197695
Organization: "Domain names registrar REG.RU", Ltd

Feed Intelligence Summary

Source reports: 10
Confidence score: 87%
Category tags: active scan, active scanning, apt, australia, brute force, brute force attack, brute-force, bruteforce, credential access, credential stuffing, europe/asia, exploitation activity, hacking, identity & access exploitation, indicator, network, oceania, password attacks, reconnaissance, researched, ru, russia, scanner, ssh, ssh attack, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1595.001, t1595.002, t1595.003, threat actor, tor node

Activity Timeline

1 total obs (May 30)

Threat Activity Heatmap

Peak: 2026-05-30
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk (Signal Score 87)
Coords: 55.7386, 37.6068

VirusTotal

Not checked

WHOIS

description: Host bruteforcing SSH
raw:

inetnum: 89.108.113.0 - 89.108.113.255
netname: REGRU-AG
descr: Reg.Ru Hosting
country: RU
org: ORG-nrRL1-RIPE
admin-c: RGRU-RIPE
tech-c: RGRU-RIPE
status: ASSIGNED PA
mnt-by: REGRU-MNT
created: 2009-04-17T09:18:16Z
last-modified: 2017-02-03T08:48:16Z
source: RIPE

organisation: ORG-nrRL1-RIPE
org-name: "Domain names registrar REG.RU", Ltd
country: RU
org-type: LIR
address: LENINGRADSKY PR-KT, 72, building 3,
address: 125315
address: Moscow
address: RUSSIAN FEDERATION
phone: +74955801111
admin-c: RGRU-RIPE
mnt-ref: REGRU-MNT
mnt-ref: AS2118-MNT
mnt-ref: ROSNIIROS-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: REGRU-MNT
abuse-c: RGRU-RIPE
created: 2011-02-21T11:14:37Z
last-modified: 2026-02-16T10:51:10Z
source: RIPE # Filtered

role: Reg.Ru Network Operations
address: Russia, Moscow, Vassily Petushkova st., house 3, Office 326
remarks: NOC e-mail: [email protected]
remarks: User support: [email protected]
remarks: SPAM reports: [email protected]
phone: +7 (495) 580-11-11
fax-no: +7 (495) 491-55-53
admin-c: ARP-RIPE
admin-c: MS55099-RIPE
tech-c: ARP-RIPE
tech-c: MS55099-RIPE
nic-hdl: RGRU-RIPE
mnt-by: REGRU-MNT
abuse-mailbox: [email protected]
created: 2011-03-30T12:49:27Z
last-modified: 2022-11-29T14:58:55Z
source: RIPE # Filtered

route: 89.108.113.0/24
origin: AS197695
mnt-by: REGRU-MNT
created: 2025-08-01T05:58:25Z
last-modified: 2025-08-01T05:58:25Z
source: RIPE

references: https://purplesynapz.com/, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://redpiranha.net

IOC Journey

medium
First detected 2 months ago · Last seen 17 days ago
Appeared in 10 threat reports