IOC Radar
IP · Medium · Signal 56/100

91.212.166.31

Location
Kazakhstan
Astana, Astana
ASN
AS41798
Big Data Host LLC
First Seen
Jun 23, 2023 (1098d ago)
Last Seen
Apr 28, 2026 (58d ago)
Reports
10 source reports
Confidence
56% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

32 techniques

Network Information

Country
KZ (Kazakhstan)
Region
Astana, Astana
ASN
AS41798
Organization
Big Data Host LLC

Feed Intelligence Summary

Source reports
10
Confidence score
56%
Category tags
active scan, active scanning, asia, authentication attempts, banking, botnet, botnet activity, brute force, brute force attack, command and control, communication protocol, credential access, credential stuffing, credit card services, data exfiltration, data store exposure, database security, ddos, denial of service, distributed attacks, europe, europe/asia, exploitation activity, finance, financial services, financial technology, ftp, hacking, hong kong, http scanner, identity & access exploitation, imap, indicator, injection activity, injection attacks, kazakhstan, malicious software, malware, network, network attacks, network intrusion, network probing, network protocol, network scanning, network security, network traffic, password attacks, payment processing, process injection, protocol exploitation, reconnaissance, remote access, remote services, researched, ru, russia, scanner, scanning activity, smtp, ssh attack, t1018, t1021, t1021.001, t1040, t1046, t1055, t1059, t1059.001, t1059.003, t1059.004, t1071.001, t1076, t1078, t1078.002, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, tftp, united kingdom, wealth management, web application attack, web exploitation, web scanner, web traffic

Activity Timeline

1 total obs
Apr 28 - Apr 28

Threat Activity Heatmap

Peak: 2026-04-28
24h
0 (Dormant)
7d
0 (Dormant)
30d
0 (Dormant)
3mo
1 (Minimal)
Threat Score
Medium Risk
Signal Score
56
Confidence
56%
Reports
10
First seen
Jun 23, 2023
Last seen
Apr 28, 2026
Geolocation
KZ
Country
Kazakhstan
Location
Astana, Astana
ASN
AS41798
Org
Big Data Host LLC
Coords
51.4964, -0.1224

VirusTotal

Not checked

WHOIS

inetnum: 91.0.0.0 - 91.255.255.255
netname: RIPE-CIDR-BLOCK
descr: Not allocated by APNIC
remarks: ------------------------------------------------------
remarks:
remarks: Important:
remarks:
remarks: Details of networks in this range are not registered
remarks: in the APNIC Whois Database.
remarks:
remarks: Please search the RIPE Whois Database, which contains
remarks: details of IP addresses allocated in Europe, the
remarks: Middle East, and northern Africa:
remarks:
remarks: website: http://www.ripe.net/perl/whois
remarks: command line: whois.ripe.net
remarks:
remarks: ------------------------------------------------------
country: AU
admin-c: IANA1-AP
tech-c: IANA1-AP
mnt-by: MAINT-APNIC-AP
mnt-lower: MAINT-APNIC-AP
status: ALLOCATED PORTABLE
last-modified: 2008-09-04T06:51:29Z
source: APNIC

role: Internet Assigned Numbers Authority
address: see http://www.iana.org.
admin-c: IANA1-AP
tech-c: IANA1-AP
nic-hdl: IANA1-AP
remarks: For more information on IANA services
remarks: go to IANA web site at http://www.iana.org.
mnt-by: MAINT-APNIC-AP
last-modified: 2018-06-22T22:34:30Z
source: APNIC

IOC Journey

medium
First detected 3 years ago · Last seen 1 month ago
Appeared in 10 threat reports