IOC Radar
IP, Medium, Signal 37/100

195.96.138.142

Location: United Kingdom (Luton, England)
ASN: AS210924 (SSD Networks Limited)
First Seen: Jan 11, 2025 (519d ago)
Last Seen: Mar 31, 2026 (75d ago)
Reports: 13 source reports
Confidence: 37% (medium)

Found in 13 reports. Confidence: medium. Confidence scores are heuristic. Verify before acting on results.

IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 37%
Signal Score: 37 / 100
IDS Rule: No

Threat Context

MITRE ATT&CK TTPs

49 techniques

Network Information

Country: GB (United Kingdom)
Region: Luton, England
ASN: AS210924
Organization: SSD Networks Limited

Feed Intelligence Summary

Source reports: 13
Confidence score: 37%
Category tags:
abuse, access, active scan, active scanning, adbhoney honeypot, attack, bad reputation, botnet, botnet activity, brute force, brute force attack, cisco, cisco device, code execution, command and control, command execution, communication protocol, connect, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data store exposure, decoy system, defense evasion, device management, dionaea, dionaea honeypot, distributed attacks, email, enterprise networking, enumeration, europe, exploit scan, exploitation activity, file, ftp brute force, gb, github, groups, honeytrap honeypot, http brute force, http scanning, identity & access exploitation, indicator, initial access, injection activity, lamp, lamp exploitation attempts, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, mysql brute force, network, network infrastructure, network probing, network scanning, network security, network service scanning, north america, password attacks, phishing, phishing attack, phishing trap, potential malware distribution, privilege escalation, process injection, protocol exploitation, python, ransomware, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, script, scripting attacks, sentrypeer botnet, service scan, sftp, sftp activity, sftp attack, sip, sip brute force, sip scanning, slug, smtp brute force, social engineering, software exploitation, ssh, ssh attack, ssh monitoring, surface web, t1016, t1018, t1021, t1021.001, t1021.002, t1021.004, t1027, t1040, t1041, t1046, t1053, t1053.005, t1055, t1059, t1059.004, t1059.007, t1068, t1071.001, t1076, t1078, t1078.002, t1078.004, t1083, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1588, t1595, t1595.001, t1595.002, t1595.003, tcp, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, united kingdom, united states, upload, voip, voip attack, web application attacks, web attack, web exploitation, web scanner

Activity Timeline

1 total obs (Mar 31)

Threat Activity Heatmap

Peak: 2026-03-31
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Low Risk (Signal 37)
Coords: 0.0000, 0.0000

VirusTotal

Not checked

WHOIS

Description:
2025-02-01T23:53:44.503Z Honeypot : Dionaea : Source: 195.96.138.142 : Port: 21 Connection: {'transport': 'tcp', 'type': 'accept', 'protocol': 'ftpd'}

Raw:
inetnum: 195.96.138.0 - 195.96.138.255
netname: UK-SSDNETWORKS2-20211102
country: GB
org: ORG-SNL74-RIPE
admin-c: SA41279-RIPE
tech-c: SA41279-RIPE
status: ALLOCATED PA
mnt-by: lir-uk-ssdnetworks2-1-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: lir-uk-ssdnetworks2-1-MNT
mnt-routes: lir-uk-ssdnetworks2-1-MNT
created: 2021-11-02T12:05:47Z
last-modified: 2021-11-02T12:05:47Z
source: RIPE

organisation: ORG-SNL74-RIPE
org-name: SSD Networks Limited
country: GB
org-type: LIR
address: unit4, 27 inkerman street
address: LU1 1JB
address: LUTON
address: UNITED KINGDOM
phone: +441582 614319
admin-c: SA41279-RIPE
tech-c: SA41279-RIPE
abuse-c: AR66001-RIPE
mnt-ref: lir-uk-ssdnetworks2-1-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: lir-uk-ssdnetworks2-1-MNT
created: 2021-10-31T22:31:48Z
last-modified: 2021-10-31T22:31:48Z
source: RIPE # Filtered

role: support
address: UNITED KINGDOM
address: LUTON
address: LU1 1JB
address: unit4, 27 inkerman street
phone: +441582 614319
nic-hdl: SA41279-RIPE
mnt-by: lir-uk-ssdnetworks2-1-MNT
created: 2021-10-31T22:31:47Z
last-modified: 2021-10-31T22:31:48Z
source: RIPE # Filtered

route: 195.96.138.0/24
origin: AS210924
mnt-by: lir-uk-ssdnetworks2-1-MNT
mnt-by: mnt-uk-ssdnetworks1-1
mnt-by: tofazzal-MNT
mnt-by: lir-uk-ssdnetworks2-1-MNT
mnt-by: mnt-uk-ssdnetworks1-1
mnt-by: tofazzal-MNT
created: 2021-11-04T04:59:13Z
last-modified: 2021-11-04T04:59:13Z
source: RIPE

route: 195.96.138.0/24
origin: AS42689
mnt-by: tech-mnt
mnt-by: lir-uk-ssdnetworks2-1-MNT
mnt-by: mnt-uk-ssdnetworks1-1
mnt-by: ceo-MNT
mnt-by: tofazzal-MNT
created: 2022-01-04T23:37:11Z
last-modified: 2022-01-04T23:37:11Z
source: RIPE

References:
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 13 threat reports