IOC Radar
IP | Medium | Signal 78/100

185.91.127.219

Location: Netherlands (Eygelshoven, Mecklenburg-Vorpommern)
ASN: AS49581 (Kinguin Digital Limited)
First Seen: Jun 14, 2024
Last Seen: Jun 22, 2026
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 78%
Signal Score: 78 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

30 techniques

Network Information

Country: NL (Netherlands)
Region: Eygelshoven, Mecklenburg-Vorpommern
ASN: AS49581
Organization: Kinguin Digital Limited

Feed Intelligence Summary

Source reports: 16
Confidence score: 78%
Category tags
abuseabusech-urlhaus-c2caccess controlactive scanactive scanningamadeyapplication layer protocolaptarmasciibad reputationblackmatterbotnetbotnet activitybotnetdomainbrazilbrute forcec2cnccommand & controlcommand and controlcredential accesscredential harvestingdata exfiltrationddosddosagentdedistributed attacksdropped-by-amadeydropped-by-phorpiexdropperelfeuropeexeexecutable fileexploitation activityexploited hostgafgytgagolgermanyhackingindicatorjpegm68kmalicious softwaremalwaremeowmeowarm64mipsmiraimozinetherlandsnetworknetwork reconnaissancenetwork scanningnjratopendirparaguayperuphishing attackpolcertpowerpcpowershellprocess injectionps1pythonransomwareratreconnaissanceredline stealerremote servicesremusstealerresearchedscams & fraudscannersecurity policyshsilverfoxsliversocial engineeringsouth americasparcsuperhsystem administrationt1005t1021t1040t1041t1053t1055t1059t1071t1071.001t1078t1105t1110t1133t1190t1210t1486t1496t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1573t1589t1592t1595t1595.001t1595.002t1595.003threat preventiontsunamiua-wgetupxvalid accountsvalleyratx86x86-64

Activity Timeline

1 total obs, Jun 22 to Jun 22

Threat Activity Heatmap

[Figure: threat activity heatmap, weekdays (Mon, Wed, Fri) by month, Jun through Jun, scale Less to More]

24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 78
Confidence: 78%
Reports: 16
First seen: Jun 14, 2024
Last seen: Jun 22, 2026
Geolocation: NL
Country: Netherlands
Location: Eygelshoven, Mecklenburg-Vorpommern
ASN: AS49581
Org: Kinguin Digital Limited
Coords: 53.7238, 14.1620

VirusTotal

Not checked

WHOIS

raw
inetnum: 185.91.127.192 - 185.91.127.255
netname: KinguinHost
country: DE
admin-c: DA11004-RIPE
tech-c: DA11004-RIPE
org: ORG-KDL4-RIPE
status: SUB-ALLOCATED PA
mnt-by: KINGUINHOST-MNT
created: 2024-12-14T14:48:44Z
last-modified: 2024-12-15T07:39:58Z
source: RIPE

organisation: ORG-KDL4-RIPE
org-name: Kinguin Digital Limited
org-type: OTHER
address: 5/F CHUNG NAM BLDG 1 LOCKHART RD Wan Chai
country: HK
abuse-c: ACRO58614-RIPE
mnt-ref: KINGUINHOST-MNT
phone: +48 733071988
mnt-by: KINGUINHOST-MNT
created: 2024-12-12T22:56:26Z
last-modified: 2024-12-12T22:56:26Z
source: RIPE # Filtered

role: Director
address: 5/F Chung Nam Building, 1 Lockhart Road, Wan Chai, Hong Kong
nic-hdl: DA11004-RIPE
mnt-by: KINGUINHOST-MNT
created: 2024-12-05T10:22:04Z
last-modified: 2024-12-05T10:22:04Z
source: RIPE # Filtered

route: 185.91.127.0/24
origin: AS49581
mnt-by: FZ-IP-MNT
created: 2023-05-24T07:14:49Z
last-modified: 2023-05-24T07:14:49Z
source: RIPE


IOC Journey

medium
First detected 2 years ago · Last seen 1 day ago
Appeared in 16 threat reports