IOC Radar
IP · Medium · Signal 67/100

77.239.125.41

Location: Frankfurt am Main, Hesse, Germany
ASN: AS215439 (Play2go International Limited)
First Seen: Mar 12, 2025 (466d ago)
Last Seen: Jun 21, 2026 (today)
Reports: 20 source reports
Confidence: 67% (medium)
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 67%
Signal Score: 67 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 81 techniques

Network Information

Country: DE (Germany)
Region: Frankfurt am Main, Hesse
ASN: AS215439
Organization: Play2go International Limited

Feed Intelligence Summary

20 source reports, 67% confidence score
Category tags:
abuse, access control, active scanning, advanced persistent threat, amsi bypass, apt, apt 28, apt campaigns, apt group, asia, attack, batch, batch script, batch script malware, blacklisted ip, blacklisted ip address, botnet, brute force, brute force attack, brute force attempt, brute_force, c2, central asia, command and control, command execution, communication protocol, compromised email, compromised system, credential access, credential harvesting, credential stuffing, credential_access, data breach, data encryption, data exfiltration, data theft, ddos, ddos attack, denial of service, detected botnet activity, distributed attacks, dll implant, dll implants, dll injection, document lure, domains/ips, downloader, downshell, electronic health records, energy, energy distribution, energy sector, enumeration, europe, europe/asia, extortion, ftp, ftp brute force, germany, health care and social assistance, health information technology, healthcare information systems, hospital management, http brute force, http scanning, https scanning, indicator, information gathering, infrastructure targeting, initial access, intrusion detection, kazakhstan, kazakhstan cybersecurity, kmg, known attacker ip, lateral movement, lnk file, lnk file malware, malicious activity, malicious powershell activity, malicious software, malware, malware analysis, malware delivery, manual, medical services, metasploit, metasploit framework, meterpreter, meterpreter payload, network, network attacks, network intrusion, network probing, network protocol, network reconnaissance, network scanning, network security, network_reconnaissance, noisy bear, noisybear apt, oil & gas, oil and gas, operation barrelfire, password attacks, patient care, phishing, phishing attachment, phishing attack, phishing attacks, potential unauthorized access, power generation, power systems, process injection, protocol exploitation, ransomware, reconnaissance, remote access, remote command execution, remote services, renewable energy, researched, ru, russia, russian federation, russian threat actor, scanner, scripting attacks, security operations, security policy, seqrite, seqrite labs, seqrite labs research, smtp brute force, smtp scanning, social engineering, social engineering attack, socradar, spam, spear-phishing, spearphishing, ssh attack, system disruption, t1003, t1005, t1016, t1018, t1021, t1021.001, t1027, t1027.005, t1039, t1040, t1041, t1046, t1047, t1053, t1055, t1055.001, t1055.003, t1056, t1057, t1059, t1059.001, t1059.003, t1059.004, t1059.005, t1068, t1071, t1071.001, t1076, t1078, t1078.001, t1078.002, t1083, t1086, t1087, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1132, t1133, t1136, t1189, t1190, t1192, t1202, t1204, t1204.002, t1210, t1218.007, t1218.010, t1218.011, t1486, t1490, t1496, t1499.001, t1499.002, t1499.003, t1543, t1547, t1547.001, t1555, t1562, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1567.002, t1573, t1573.001, t1589.002, t1595, t1595.001, t1595.002, t1595.003, t1598, t1598.001, t1598.003, tcp protocol, telnet threat, threat actor, threat intelligence, threat prevention, united kingdom, zip, zip file exploitation

Activity Timeline

1 total obs (Jun 21)

Threat Activity Heatmap

24h: 1 (Minimal)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 67 (Medium Risk)
Coords: 50.1109, 8.6821

VirusTotal

Not checked

WHOIS

description: CC=GB ASN=AS6908 six degrees technology group limited

raw:

inetnum: 77.239.125.0 - 77.239.125.255
netname: PLAY2GO-CUSTOMERS-NETWORK
country: DE
admin-c: SM40399-RIPE
tech-c: ACRO55633-RIPE
abuse-c: ACRO55633-RIPE
descr: play2go.cloud - Cheap and reliable hosting
mnt-domains: play2go-mnt
mnt-lower: play2go-mnt
mnt-routes: play2go-mnt
org: ORG-PIL38-RIPE
status: SUB-ALLOCATED PA
mnt-by: lir-us-acedatacenter-1-MNT
created: 2025-07-28T17:50:19Z
last-modified: 2025-07-28T17:50:19Z
source: RIPE

organisation: ORG-PIL38-RIPE
org-name: PLAY2GO INTERNATIONAL LIMITED
country: GB
mnt-ref: interlir-mnt
mnt-ref: lir-us-acedatacenter-1-MNT
mnt-ref: MNT-NETERRA
org-type: OTHER
address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
mnt-ref: play2go-mnt
tech-c: ACRO55633-RIPE
abuse-c: ACRO55633-RIPE
admin-c: ACRO55633-RIPE
mnt-ref: SBL-MNT
mnt-by: play2go-mnt
created: 2024-10-03T10:23:18Z
last-modified: 2025-04-26T15:16:58Z
source: RIPE # Filtered

role: Abuse contact role object
address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
abuse-mailbox: [email protected]
nic-hdl: ACRO55633-RIPE
mnt-by: play2go-mnt
created: 2024-02-17T20:37:49Z
last-modified: 2024-10-02T15:11:46Z
source: RIPE # Filtered

person: Kyrylo Harazha
address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
phone: +447446979461
nic-hdl: SM40399-RIPE
mnt-by: play2go-mnt
created: 2024-02-17T20:30:54Z
last-modified: 2025-07-05T11:00:23Z
source: RIPE # Filtered

route: 77.239.125.0/24
origin: AS215439
mnt-by: play2go-mnt
created: 2025-07-29T10:57:57Z
last-modified: 2025-07-29T10:57:57Z
source: RIPE
