IOC Radar
IP · Medium · Signal 70/100

89.35.130.146

Location
Germany
Frankfurt am Main, Hesse
ASN
AS214309
Aurorix Gaming Solutions Limited
First Seen
Nov 15, 2025 (218d ago)
Last Seen
May 5, 2026 (48d ago)
Reports
21 source reports
Confidence
70% (medium)
Found in 21 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

87 techniques

Network Information

Country: DE (Germany)
Region: Frankfurt am Main, Hesse
ASN: AS214309
Organization: Aurorix Gaming Solutions Limited

IP Category

Proxy
Proxy server

Feed Intelligence Summary

21 source reports · 70% confidence score
Category tags

Activity Timeline

1 total obs
May 5 to May 5

Threat Activity Heatmap

[Heatmap figure: activity by weekday (Mon, Wed, Fri) and month, Jun through Jun; scale Less to More] · Peak: 2026-05-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 70
Confidence: 70%
Reports: 21
First seen: Nov 15, 2025
Last seen: May 5, 2026
Geolocation: DE
Country: Germany
Location: Frankfurt am Main, Hesse
ASN: AS214309
Org: Aurorix Gaming Solutions Limited
Coords: 50.1169, 8.6837
Proxy

VirusTotal

Not checked

IOC Journey

medium
First detected 7 months ago · Last seen 1 month ago
Appeared in 21 threat reports