ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 89.207.88.72:5986.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2026-06-05 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1143134
IOC:	89.207.88.72:5986
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	Responder
Malware alias:	SpiderLabs Responder
Confidence Level :	Confidence level is moderate (50%)
Is compromised? :	False
ASN:	AS28891 CITTEL
Country:	RU
First seen:	2023-07-27 18:48:57 UTC
Last seen:	never
UUID:	3deeebd4-2cae-11ee-98a3-42010aa4000a
Reporter	drb_ra
Reward	5 credits from ThreatFox
Tags:	CITTEL CJSC City Telecom Responder
Reference:	https://search.censys.io/hosts/89.207.88.72

drb_ra

Responder Found
C2: 89[.]207[.]88[.]72:5986
Certificate: 2a621cfb4ee3ecd35e57b2a64df2e4f1e49448ce5ba8266aa812ffe3b813bcd1
Country: Russia
ASN: CITTEL CJSC City Telecom