IPMediumSignal 80/100
5.61.209.43
Location
NetherlandsAmsterdam, North Holland
ASN
AS206264
Amarutu Technology Ltd. Network
First Seen
Jan 25, 2026
Last Seen
Jun 15, 2026
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
80%
Signal Score
80 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryNetherlands
NetherlandsRegionAmsterdam, North Holland
ASNAS206264
OrganizationAmarutu Technology Ltd. Network
IP Category
⟲
Proxy
Proxy server
Feed Intelligence Summary
19 reports80% confidence
19
Source reports
80%
Confidence score
Category tags
abuseactive scanapacheapache attackeraptattacker ipbad reputationbad web botblocklist_allbotnet activitybrute forcebrute-forcebruteforcecowriecredential stuffingcredential-attackddosddos attackdigital oceandionaeaeseuropeexploitation activityexploited hostfattfinlandfrancegermanyhackingidentity & access exploitationinbound scanindicatorinjection activityiot securityiot targetednetherlandsnetworknlnorth americaopen proxyp0fphishingping of deathpolandportscanproxyransomwareresearchresearchedscannerscannerssensor-taggedservice scanseychellessocradar honeypotspainspamsql injectionsshssh-brutet1595tannertargeting databasethreat actortpotunited statesvultrweb app attackweb spam
Activity Timeline
Jun 15Jun 15
Threat Activity Heatmap
· Peak: 2026-06-15LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
80
SIGNAL
Signal Score
80%
Confidence
19
Reports
First seenJan 25, 2026
Last seenJun 15, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS206264
OrgAmarutu Technology Ltd. Network
Coords52.3676, 4.9041
Proxy
VirusTotal
Not checked
WHOIS
- description
- Automatisch aus T-Pot Logs erzeugter Pulse. wird alle 60 Min aktualisiert. Honeypots stehen in: Deutschland Polen USA Frankreich Finnland
- raw
- inetnum: 0.0.0.0 - 255.255.255.255 netname: IANA-BLK descr: The whole IPv4 address space country: EU # Country is really world wide org: ORG-IANA1-AFRINIC admin-c: IANA1-AFRINIC tech-c: IANA1-AFRINIC status: ALLOCATED UNSPECIFIED remarks: The country is really worldwide. remarks: This address space is assigned at various other places in remarks: the world and might therefore not be in the RIPE database. remarks: data has been transferred from RIPE Whois Database 20050221 mnt-by: AFRINIC-HM-MNT mnt-lower: AFRINIC-HM-MNT source: AFRINIC # Filtered parent: 0.0.0.0 - 255.255.255.255 organisation: ORG-IANA1-AFRINIC org-name: Internet Assigned Numbers Authority org-type: IANA country: EU # Country is really worldwide address: see http://www.iana.org remarks: The IANA allocates IP addresses and AS number blocks to RIRs remarks: see http://www.iana.org/ipaddress/ip-addresses.htm remarks: and http://www.iana.org/assignments/as-numbers admin-c: IANA1-AFRINIC tech-c: IANA1-AFRINIC mnt-ref: AFRINIC-HM-MNT mnt-by: AFRINIC-HM-MNT remarks: data has been transferred from RIPE Whois Database 20050221 source: AFRINIC # Filtered role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: TEAM-AFRINIC tech-c: TEAM-AFRINIC nic-hdl: IANA1-AFRINIC remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. remarks: data has been transferred from RIPE Whois Database 20050221 mnt-by: AFRINIC-DB-MNT source: AFRINIC # Filtered
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 4 months ago · Last seen 7 days ago
Appeared in 19 threat reports