IPMediumSignal 69/100

`89.111.170.100`

Location

Russian Federation

Moscow, Moscow

ASN

AS197695

"Domain names registrar REG.RU", Ltd

First Seen

Feb 16, 2026

Last Seen

May 19, 2026

Feb 16

First Seen

114d ago

May 19

Last Seen

22d ago

Reports

source reports

69%

Confidence

medium

Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

69%

Signal Score

69 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

15 techniques

Network Information

Country

Russian Federation

RegionMoscow, Moscow

ASNAS197695

Organization"Domain names registrar REG.RU", Ltd

Feed Intelligence Summary

5 reports69% confidence

Source reports

69%

Confidence score

Category tags

bad reputationblacklisted ip addressesbrowser infectionbrute forcecertcompromised host detectioncredential harvestingcredential stuffingcredential theftdata exfiltrationdata store exposureeurope/asiaexploitation activitygoogle groupsidentity & access exploitationindicatorinfostealerinjection activityknown malicious iplummalumma stealermalicious softwaremalwaremalware distributionnad-nodelinknai-browsernetworkninja browserninja-browserpassword stealerphishingphishing attackprocess injectionresearchedrurussiasocial engineeringt1055t1059t1071t1071.001t1105t1190t1486t1498t1539t1555t1565t1566t1566.001t1566.002t1566.003threat actortor nodetrojanized browserturkey

Activity Timeline

1 total obs

May 19May 19

Threat Activity Heatmap

· Peak: 2026-05-19

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

69%

Confidence

Reports

First seenFeb 16, 2026

Last seenMay 19, 2026

GeolocationRU

CountryRussian Federation

LocationMoscow, Moscow

ASNAS197695

Org"Domain names registrar REG.RU", Ltd

Coords55.7523, 37.6155

VirusTotal

Not checked

WHOIS

raw: inetnum: 89.111.168.0 - 89.111.175.255 netname: RU-REGRU-RC org: ORG-nrRL1-RIPE country: RU admin-c: RGRU-RIPE tech-c: RGRU-RIPE status: ASSIGNED PA mnt-by: RUNIC-MNT mnt-by: REGRU-MNT mnt-lower: REGRU-MNT mnt-routes: REGRU-MNT created: 2023-12-25T09:26:59Z last-modified: 2023-12-25T09:30:12Z source: RIPE organisation: ORG-nrRL1-RIPE org-name: "Domain names registrar REG.RU", Ltd country: RU org-type: LIR address: LENINGRADSKY PR-KT, 72, building 3, address: 125315 address: Moscow address: RUSSIAN FEDERATION phone: +74955801111 admin-c: RGRU-RIPE mnt-ref: REGRU-MNT mnt-ref: AS2118-MNT mnt-ref: ROSNIIROS-MNT mnt-ref: RIPE-NCC-HM-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: REGRU-MNT abuse-c: RGRU-RIPE created: 2011-02-21T11:14:37Z last-modified: 2026-02-16T10:51:10Z source: RIPE # Filtered role: Reg.Ru Network Operations address: Russia, Moscow, Vassily Petushkova st., house 3, Office 326 remarks: NOC e-mail: [email protected] remarks: User support: [email protected] remarks: SPAM reports: [email protected] phone: +7 (495) 580-11-11 fax-no: +7 (495) 491-55-53 admin-c: ARP-RIPE admin-c: MS55099-RIPE tech-c: ARP-RIPE tech-c: MS55099-RIPE nic-hdl: RGRU-RIPE mnt-by: REGRU-MNT abuse-mailbox: [email protected] created: 2011-03-30T12:49:27Z last-modified: 2022-11-29T14:58:55Z source: RIPE # Filtered route: 89.111.170.0/24 descr: Reg.Ru origin: AS197695 mnt-by: REGRU-MNT created: 2023-12-25T09:35:05Z last-modified: 2023-12-25T09:35:05Z source: RIPE

`89.111.170.100`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy