IOC Radar
IP · Medium · Signal 100/100

109.205.213.75

Location: Azerbaijan (Baku, Baku City)
ASN: AS15723 (Azeronline Information Services)
First Seen: Jul 30, 2024 (696d ago)
Last Seen: Mar 3, 2026 (115d ago)
Reports: 16 source reports
Confidence: 99% (medium)
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

32 techniques

Network Information

Country: AZ (Azerbaijan)
Region: Baku, Baku City
ASN: AS15723
Organization: Azeronline Information Services

Feed Intelligence Summary

Source reports: 16
Confidence score: 99%
Category tags: abuse, access control, account compromise, account security, active scanning, administrative access, attack, auto-generated security, azerbaijan, botnet, brute force, brute force attack, command and control, communication protocol, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, ddos attacks, decoy system, distributed attacks, europe, honeytrap honeypot, indicator, internet of things, intrusion detection, iot botnet, iot/ics attack, lamp, malicious activity, malicious software, malware, mirai botnet, network, network activity, network attacks, network probing, network scanning, network security, north america, operating system, operating system security, password attacks, phishing attack, potential vulnerability scan, privilege escalation, process injection, reconnaissance, remote access, remote services, researched, scan, scanner, scanning activity, security policy, sftp attack, social engineering, ssh attack, ssh monitoring, t1018, t1021.001, t1040, t1041, t1046, t1055, t1059.001, t1069.001, t1071.001, t1076, t1078, t1088, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1589, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telecommunications, threat actor, threat detection, threat intelligence, threat prevention, united kingdom, united states, united states of america, us

Activity Timeline

1 total observation (Mar 3)

Threat Activity Heatmap

[Heatmap: daily activity by weekday, Jun to Jun] Peak: 2026-03-03

Recent activity: 24h: 0 (Dormant), 7d: 0 (Dormant), 30d: 0 (Dormant), 3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 16
First seen: Jul 30, 2024
Last seen: Mar 3, 2026
Geolocation: AZ
Country: Azerbaijan
Location: Baku, Baku City
ASN: AS15723
Org: Azeronline Information Services
Coords: 40.5040, 47.4997

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 3389 RDP. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 109.205.213.0 - 109.205.213.255
netname: razinet
descr: Razinet Dedicated Servers
country: GB
admin-c: LW2980-RIPE
tech-c: LW2980-RIPE
abuse-c: ACRO59441-RIPE
org: ORG-RA1050-RIPE
mnt-routes: AZERONLINE-MNT
mnt-lower: AZERONLINE-MNT
mnt-routes: voldeta-mnt
mnt-routes: mnt-de-maximilian-1
mnt-domains: voldeta-mnt
mnt-domains: mnt-de-maximilian-1
status: ASSIGNED PA
mnt-by: AZERONLINE-MNT
created: 2022-01-27T08:34:08Z
last-modified: 2025-02-25T14:47:49Z
source: RIPE

organisation: ORG-RA1050-RIPE
org-name: RAZI Network
org-type: OTHER
address: Hauptstrasse 31 92361 Berngau, DE
admin-c: LW2980-RIPE
tech-c: LW2980-RIPE
abuse-c: ACRO59441-RIPE
mnt-ref: AZERONLINE-MNT
mnt-ref: voldeta-mnt
mnt-ref: mnt-de-maximilian-1
mnt-ref: MNT-NETERRA
mnt-by: mnt-de-maximilian-1
created: 2022-07-26T19:20:40Z
last-modified: 2025-05-14T10:59:47Z
source: RIPE # Filtered

person: Razi Network
address: 5605 SW Orleans St Seattle WA 98116
phone: +4917661200655
org: ORG-RA1050-RIPE
nic-hdl: LW2980-RIPE
mnt-by: mnt-de-maximilian-1
created: 2022-07-26T19:16:27Z
last-modified: 2025-05-13T15:24:37Z
source: RIPE # Filtered

route: 109.205.213.0/24
descr: AS23470
origin: AS23470
mnt-by: AZERONLINE-MNT
created: 2022-07-28T07:52:33Z
last-modified: 2022-07-28T07:52:33Z
source: RIPE
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 16 threat reports