IOC Radar
IP · Medium · Signal 65/100

89.216.40.121

Location: Serbia (Belgrade, 00)
ASN: AS31042 (Serbia Broadband)
First Seen: Apr 10, 2026 (75d ago)
Last Seen: Jun 2, 2026 (21d ago)
Reports: 11 source reports
Confidence: 65% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 65%
Signal Score: 65 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

7 techniques

Network Information

Country: RS (Serbia)
Region: Belgrade, 00
ASN: AS31042
Organization: Serbia Broadband

Feed Intelligence Summary

Source reports: 11
Confidence score: 65%
Category tags: abuse, active scan, active scanning, apt, bad reputation, brute force, brute force attack, brute-force, credential access, credential stuffing, exploitation activity, hacking, identity & access exploitation, imap, imap attack, indicator, network, password attacks, reconnaissance, researched, scanner, serbia, smtp, smtp attacker, ssh attack, t1110.001, t1110.002, t1110.003, t1110.004, t1595.001, t1595.002, t1595.003, threat actor, tor node

Activity Timeline

1 total obs (Jun 2 to Jun 2)

Threat Activity Heatmap

Peak: 2026-06-02
[Heatmap: activity by weekday, Jun through Jun]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 65 (Medium Risk)
Geolocation: RS
Coords: 44.8166, 20.4721

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw

inetnum: 89.216.39.0 - 89.216.40.255
netname: INFOTEH-NET
descr: Infoteh WISP, Sombor
country: RS
admin-c: VV1614-RIPE
tech-c: VV1614-RIPE
status: ASSIGNED PA
mnt-by: SBB-MNT
created: 2008-01-29T16:21:59Z
last-modified: 2009-02-17T11:29:01Z
source: RIPE

person: Velimir Varicak
address: Urosa Predica 31
address: 25000 Sombor
address: Serbia
phone: +381 25 420153
nic-hdl: VV1614-RIPE
created: 2007-05-04T14:24:02Z
last-modified: 2007-05-04T14:24:02Z
source: RIPE # Filtered
mnt-by: SBB-MNT

route: 89.216.0.0/17
descr: Serbia Broadband
origin: AS31042
mnt-by: SBB-MNT
created: 2013-03-02T10:31:40Z
last-modified: 2015-08-23T13:00:22Z
source: RIPE

references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

IOC Journey

medium
First detected 2 months ago · Last seen 21 days ago
Appeared in 11 threat reports