IOC Radar
IP · Medium · Signal 76/100

89.44.193.185

Location: Kazakhstan (Almaty, Almaty)
ASN: AS202422 (GCL)
First Seen: Aug 5, 2023 (1041d ago)
Last Seen: May 27, 2026 (14d ago)
Reports: 7 source reports
Confidence: 76% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 76%
Signal Score: 76 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

29 techniques

Network Information

Country: KZ, Kazakhstan
Region: Almaty, Almaty
ASN: AS202422
Organization: GCL

Feed Intelligence Summary

Source reports: 7
Confidence score: 76%
Category tags: active scan, active scanning, asia, botnet, brute force, brute force attack, command and control, credential access, credential stuffing, data exfiltration, ddos, denial of service, distributed attacks, exploit attempts, ftp brute force, hacking, http brute force, indicator, initiator ip, kazakhstan, lateral movement, malicious software, malware, malware propagation, malware scanning, network, network probing, network scanning, password attacks, process injection, reconnaissance, remote access, remote services, researched, scanner, smtp brute force, sql injection attempts, ssh attack, t1021, t1021.001, t1046, t1055, t1059, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1210, t1486, t1496, t1499.002, t1499.003, t1563, t1565, t1588, t1595, t1595.001, t1595.002, t1595.003

Activity Timeline

1 total obs · May 27

Threat Activity Heatmap

Peak: 2026-05-27
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 76
Confidence: 76%
Reports: 7
First seen: Aug 5, 2023
Last seen: May 27, 2026
Geolocation: KZ
Country: Kazakhstan
Location: Almaty, Almaty
ASN: AS202422
Org: GCL
Coords: 43.2537, 76.9433

VirusTotal

Not checked

WHOIS

inetnum: 89.44.193.0 - 89.44.193.255
descr: G-Core Labs Customer assignment
netname: GCL-CUSTOMER-KZ
country: KZ
admin-c: LA5122-RIPE
tech-c: LA5122-RIPE
status: ASSIGNED PA
mnt-domains: GCL1-MNT
mnt-by: GCL1-MNT
created: 2021-05-13T08:11:10Z
last-modified: 2021-05-13T08:11:10Z
source: RIPE
geoloc: 43.2335171 76.9174893

person: LIR Admin
address: G-Core Labs S.A.
address: 2 Rue Edmond Reuter
address: 5326 Contern
phone: +35220880507
nic-hdl: LA5122-RIPE
mnt-by: GCL1-MNT
created: 2012-12-05T15:05:34Z
last-modified: 2023-07-17T19:38:48Z
source: RIPE # Filtered

route: 89.44.193.0/24
origin: AS199524
mnt-by: GCL1-MNT
created: 2021-04-29T15:21:08Z
last-modified: 2021-04-29T15:21:08Z
source: RIPE

route: 89.44.193.0/24
descr: GCL-89-44-193-0-24
origin: AS202422
mnt-by: GCL1-MNT
created: 2021-09-14T10:56:47Z
last-modified: 2021-09-14T10:56:47Z
source: RIPE

IOC Journey

medium
First detected 2 years ago · Last seen 14 days ago
Appeared in 7 threat reports