IOC Radar
IPMediumSignal 100/100

31.220.3.140

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS206264
Amarutu Technology Ltd
First Seen
Nov 24, 2021
Last Seen
Feb 3, 2026
Nov 24
First Seen
1674d ago
Feb 3
Last Seen
142d ago
20
Reports
source reports
99%
Confidence
medium
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

47 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS206264
OrganizationAmarutu Technology Ltd

Feed Intelligence Summary

20 reports99% confidence
20
Source reports
99%
Confidence score
Category tags
active scanningalaskaattackauthentication failureblacklisted ipbotnetbrute forcebrute force attackbrute force attacksbrute force attemptcommand and controlcommunication protocolcredential accesscredential harvestingcredential stuffingdata exfiltrationdatabase attacksddos attackdecoy systemdenial of servicedistributed attackseuropeexploit targetingexploitationfin scanftpftp attacksftp brute forcehttp brute forcehttp scannerhttp scanninghttpsindicatorinformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceinfrastructure discoveryintrusion detectioniot attackit infrastructurekfsensor honeypotlateral movementloginlogin attemptsmalicious activitymalicious softwaremalwaremalware capturemalware propagation attemptmanualmysql brute forcenetherlandsnetworknetwork activitynetwork attacksnetwork enumerationnetwork intrusionnetwork intrusion detectionnetwork monitoringnetwork probenetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnorth americanull scanpassword attackpassword attacksphishing attackpossible botnet activitypossible reconnaissanceprocess injectionprotocol exploitationreconnaissanceremote accessremote access attemptremote servicesresearchedscannerscanning activityscripting attackssecurity operationsservice enumerationsmb brute forcesocial engineeringsoftware developmentssh attacksyn scant1016t1018t1021t1021.001t1021.003t1040t1046t1053t1055t1059t1059.004t1059.007t1068t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1583t1587.001t1588t1588.002t1589t1590t1590.001t1592t1595t1595.001t1595.002t1595.003tcp scanningtelnet threatthreat actorthreat intelligencetsecudp port scanunauthorized accessunauthorized access attemptunauthorized access attemptsunited statesunknown threat actorus-akvnc protocolweb attackweb exploitationweb trafficxmas scan

Activity Timeline

1 total obs
Feb 3Feb 3

Threat Activity Heatmap

· Peak: 2026-02-03
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
20
Reports
First seenNov 24, 2021
Last seenFeb 3, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS206264
OrgAmarutu Technology Ltd
Coords52.3676, 4.9041

VirusTotal

Not checked

WHOIS

description
HoneyNet Event: 31.220.3.140 connected: 12 times over ports: 34567 Tags: P0f, Honeytrap,34567

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 4 months ago
Appeared in 20 threat reports