IOC Radar
IP · Medium · Signal 91/100

87.120.166.245

Location
United States
Frankfurt am Main, Hesse
ASN
AS215439
Play2go International Limited
First Seen
Oct 22, 2024 (607d ago)
Last Seen
Aug 5, 2025 (319d ago)
Reports
10 source reports
Confidence
91% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
91%
Signal Score
91 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Network Information

Country: US (United States)
Region: Frankfurt am Main, Hesse
ASN: AS215439
Organization: Play2go International Limited

Feed Intelligence Summary

10 source reports · 91% confidence score
Category tags
abuse, active scanning, attack, botnet, brute force, brute force attack, brute force attacks, citrix exploitation attempts, citrix security, command and control, communication protocol, cowrie honeypot, credential access, credential stuffing, data exfiltration, database exploitation, decoy system, denial of service, dionaea honeypot, distributed attacks, enterprise security, exploitation of privilege, fin scan, firewall detection, ftp brute force, honeytrap honeypot, http brute force, hydra, icmp, indicator, lamp, lamp exploitation, lateral movement, malicious activity, malicious software, malware, malware behaviour, malware capture, masscan, medusa, network, network attacks, network discovery, network enumeration, network intrusion attempts, network mapping, network probing, network protocol, network reconnaissance, network scanning, network security, nmap, null scan, open ports, os fingerprinting, password attacks, potential botnet activity, process injection, protocol exploitation, reconnaissance, reconnaissance activity, remote access, remote services, researched, scanner, service enumeration, service version detection, sftp access attempts, sftp attack, smtp brute force, sql injection attempt, ssh attack, ssh monitoring, sweep scan, syn, syn scan, t1016.001, t1018, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1076, t1078, t1078.001, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1203, t1204.002, t1486, t1496, t1499.002, t1499.003, t1563, t1565, t1566.001, t1588, t1589, t1595, t1595.001, t1595.002, t1595.003, tanner, tcp protocol, telnet threat, threat actor, threat detection, threat intelligence, udp port scan, unauthorized access attempts, united states, web application attacks, web server exploitation, xmas scan

Activity Timeline

1 total obs
Aug 5

Threat Activity Heatmap

Peak: 2025-08-05
Observations by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 91
Confidence: 91%
Reports: 10
First seen: Oct 22, 2024
Last seen: Aug 5, 2025
Geolocation: US
Country: United States
Location: Frankfurt am Main, Hesse
ASN: AS215439
Org: Play2go International Limited
Coords: 50.1169, 8.6837

VirusTotal

Not checked

WHOIS

description
2024-11-03T22:27:25.000Z Honeypot : Honeytrap : Source: 87.120.166.245 : Port: 34567 Message: {'payload': {'md5_hash': '0356c1f163cf279afd604a7df98c9851', 'sha512_hash': '6db30861c050fc9e93fdfc1e92c184356c25485d24a6442a06c738c0aafbbcf91a5fb92bc58806d05d712f318a64b5b9f01847e07a4c1553edc6904a11aa2c7a', 'length': 125, 'data_hex': 'ff00000000000000000000000000f103250000007b202252657422203a203130302c202253657373696f6e494422203a202230783022207d0aff00000000000000000000000000ac05300000007b20224e616d6522203a20224f5054696d655175657279222c202253657373696f6e494422203a202230783022207d0a'}, 'protocol': 'tcp'}

IOC Journey

medium
First detected 1 year ago · Last seen 10 months ago
Appeared in 10 threat reports