IOC Radar
IPMediumSignal 78/100

195.136.224.101

Location
PolandPoland
Trzebnica, 02
ASN
AS199389
TKT
First Seen
Aug 19, 2021
Last Seen
May 23, 2026
Aug 19
First Seen
1765d ago
May 23
Last Seen
27d ago
17
Reports
source reports
78%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
78%
Signal Score
78 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryPLPoland
RegionTrzebnica, 02
ASNAS199389
OrganizationTKT

Feed Intelligence Summary

17 reports78% confidence
17
Source reports
78%
Confidence score
Category tags
abuseactive scanactive scanningaptattacker-ipbad reputationbad web botbankblog spambotnet activitybrute forcebrute force attackbrute force attackerbrute-forcebruteforcecowriecredential accesscredential stuffingddosddos attackdenial of servicedigital oceaneuropeexploitation activityexploited hostexport-to-otxhackinghoneypot 24h activityidentity & access exploitationindicatormispnetworkpassword attacksplpolandportscanransomwarereconnaissanceresearchedscannerscannersscanningservice scansocradar honeypotspamsshssh attackssh bruteforcet1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003threat actorthreat-inteltor nodevoidtrapweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 23May 23

Threat Activity Heatmap

· Peak: 2026-05-23
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
78
SIGNAL
Signal Score
78%
Confidence
17
Reports
First seenAug 19, 2021
Last seenMay 23, 2026
GeolocationPL
CountryPoland
LocationTrzebnica, 02
ASNAS199389
OrgTKT
Coords51.3061, 17.0645

VirusTotal

Not checked

WHOIS

description
Cowrie honeypot 24h activity
raw
inetnum: 195.136.224.0 - 195.136.231.255 netname: TKT-NET descr: TKT-NET A. Kaniewska, R. Kaniewski s.c. descr: Connected by EXATEL S.A. country: PL admin-c: RK7089-RIPE tech-c: RK7089-RIPE status: ASSIGNED PA mnt-by: MNT-EXATEL created: 2013-02-11T06:18:58Z last-modified: 2013-02-15T06:24:52Z source: RIPE person: Rafal Kaniewski address: ul. Obroncow Pokoju 43/2 address: 55-100 Trzebnica address: Poland org: ORG-TAKR1-RIPE phone: +48 783 820 666 nic-hdl: RK7089-RIPE mnt-by: TKT-NET-MNT created: 2013-02-12T20:11:38Z last-modified: 2013-02-12T20:12:04Z source: RIPE route: 195.136.224.0/21 descr: TKT-NET origin: AS199389 mnt-by: MNT-EXATEL created: 2013-02-28T13:59:43Z last-modified: 2013-02-28T13:59:43Z source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 years ago · Last seen 27 days ago
Appeared in 17 threat reports