IPMediumSignal 76/100
45.88.138.44
Location
NetherlandsAmsterdam, North Holland
ASN
AS213737
Ayosoft LTD
First Seen
Mar 7, 2026
Last Seen
Jun 7, 2026
Mar 7
First Seen
95d ago
Jun 7
Last Seen
3d ago
21
Reports
source reports
76%
Confidence
medium
11/91
VirusTotal
detections
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
76%
Signal Score
76 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryNetherlands
NetherlandsRegionAmsterdam, North Holland
ASNAS213737
OrganizationAyosoft LTD
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
21 reports76% confidence
21
Source reports
76%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningactive-attackaerospace & defenseapacheapache attackeraptasiaattackattacker ipattacker-ipaustraliaauto-blockedautomated multi-vector probingawsaws credential harvestingaws-credentialsbad reputationbad web botbankingbelgiumbgblocklistblocklist_allblog spambothammerbotnetbotnet activitybrazilbrute forcebrute force attackbrute force attackerbrute force attemptsbrute-forcebruteforcebulgariacanadacertchinacloud infrastructurecloud infrastructure attackcloud servicescode-injectioncommand and controlcommunication protocolcommunication technologiesconsumer goodscowriecowrie honeypotcredential accesscredential harvestingcredential stuffingcredential theftcredentialscredit card servicescyberattackdaily-threat-feeddata exfiltrationdata store exposuredata-accessdatabase securityddosddos attackdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedenial-of-servicedenmarkdigital oceandionaeadionaea honeypotdistributed attacksdnn_authencryptioneuropeeurope/asiaexecutable fileexploitexploitationexploitation activityexploited hostfattfinancefinancial servicesfinancial technologyfrancefraudfraud ordersfraud voipfraudulent activityftpftp brute forceftp brute-forcegermanyhackinghoneytrap honeypothong konghttphttp attackhttp scannerhttpshttps attackicelandidentity & access exploitationiis-attackindiainformation technologyinitial-accessinjection activityinjection attacksinternet-wideintrusion detectioniociot securityiot targetedip-addressipqsipv4iraqirelandit infrastructureitalyjapankill-chain exploitationkill-chain reconnaissancekorea, republic ofliechtensteinlithuaniamailoney honeypotmalicious activitymalicious ipmalicious ipsmalicious-ipmalwaremalware behaviourmalware capturemalware distributionmediamedium-riskmexicomilitary operationsmobile carriersmobile networksnational securitynetherlandsnetworknetwork probingnetwork scanningnetwork securitynetwork-attacknlnorth americanorwayoceaniaopen proxyp0fpassword attackspayment processingphishingphishing attackphishing trapphpping of deathpolandport-scanportscanproxyproxy detectionransomwarerdp exploitationrealtime-wafreconnaissanceremote accessremote servicesresearchedresource hijackingretail tradereverse-proxyrevproxyromaniarussiascams & fraudscannerscannersscanning activityscripting attackssecurity policysensor-taggedsentrypeer botnetserbiaservice scansiemsingaporesocial engineeringsoftware developmentsouth americaspainspamspammingsql injectionsql-injectionsshssh attackssh exploitationssh monitoringssl-enrichmentswedensyrian arab republict1021.001t1040t1046t1059t1059.003t1059.007t1071t1071.001t1076t1078t1090t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1195t1203t1486t1496t1499.001t1499.002t1499.003t1552t1552.001t1563t1566t1566.001t1566.002t1566.003t1567.001t1573.002t1595t1595.001t1595.002t1595.003tannertargeting databasetcptelecom servicestelecommunicationsthreat actorthreat detectionthreat intelligencethreat preventionthreat-inteltor detectiontor nodetpotturkeyukraineunited kingdomunited statesuzbekistanvoidtrapvoip attackvpnvpn detectionvpn ipvulnerability scanvulnerability-exploitationvulnerability-scanvultrwazuhwealth managementwebweb app attackweb application attackweb attackweb attacksweb exploitationweb reconnaissanceweb spamweb trafficweb-attackweb-exploit
Activity Timeline
Jun 7Jun 7
Threat Activity Heatmap
· Peak: 2026-06-07LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
76
SIGNAL
Signal Score
76%
Confidence
21
Reports
First seenMar 7, 2026
Last seenJun 7, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS213737
OrgAyosoft LTD
Coords52.3676, 4.9041
ProxyVPN
WHOIS
- description
- IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
- raw
- inetnum: 45.88.138.0 - 45.88.138.255 org: ORG-AA3197-RIPE netname: DexDC-Server country: NL geoloc: 52.368773 4.901705 admin-c: AA44218-RIPE tech-c: AA44218-RIPE status: SUB-ALLOCATED PA mnt-by: AyoSoft-MNT mnt-by: DATAPENTA-MNT created: 2023-05-30T14:20:49Z last-modified: 2024-12-12T14:45:05Z source: RIPE organisation: ORG-AA3197-RIPE org-name: AYOSOFT LTD descr: DexDC Server org-type: OTHER address: 71-75, Shelton Street, Covent Garden, London, WC2H 9JQ, UNITED KINGDOM country: GB abuse-c: AA44218-RIPE mnt-ref: AyoSoft-MNT mnt-by: AyoSoft-MNT created: 2024-11-29T16:46:33Z last-modified: 2024-12-11T22:21:45Z source: RIPE # Filtered role: DexDC Server address: 71-75, Shelton Street, Covent Garden, London, WC2H 9JQ, UNITED KINGDOM abuse-mailbox: [email protected] nic-hdl: AA44218-RIPE mnt-by: AyoSoft-MNT created: 2024-11-29T16:43:19Z last-modified: 2024-12-11T22:20:17Z source: RIPE # Filtered route: 45.88.138.0/24 origin: AS213737 mnt-by: DATAPENTA-MNT created: 2024-12-12T14:41:38Z last-modified: 2024-12-12T14:41:38Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 months ago · Last seen 3 days ago
Appeared in 21 threat reports