IOC Radar
IP · Medium · Signal 48/100

213.169.137.211

Location: Cyprus (Peyia, Lefkosia)
ASN: AS5504 (Logosnet Services Limited)
First Seen: Nov 8, 2024 (581d ago)
Last Seen: May 5, 2026 (38d ago)
Reports: 23 source reports
Confidence: 48% (medium)
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 48%
Signal Score: 48 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: CY (Cyprus)
Region: Peyia, Lefkosia
ASN: AS5504
Organization: Logosnet Services Limited

Feed Intelligence Summary

23 source reports · 48% confidence score
Category tags:
abuse, access control, active scan, active scanning, application layer protocol, attack, authentication abuse, authentication attack, authentication attempts, authentication failure, auto-generated security, bad reputation, botnet, botnet activity, brute force, brute force attack, brute-force, brute_force, c2 server, command & control, command and control, compromise attempt, compromised hosts, cowrie honeypot, credential access, credential harvesting, credential stuffing, credential_access, cta, cy, cyprus, data exfiltration, data store exposure, data theft, ddos, decoy system, dionaea honeypot, distributed attacks, europe, exploitation activity, exploitation attempt, fail2ban alert, fail2ban trigger, fail2ban triggered, failed login, ftp brute force, game_server, honeytrap honeypot, identity & access exploitation, infrastructure acquisitionreconnaissance, injection activity, ioc, lamp, login attack, login attempts, malicious activity, malicious payload, malicious software, malware, malware behaviour, malware capture, malware distribution, manual, multiple failed attempts, network, network intrusion, network layer protocol, network probe, network probing, network scan, network scanning, network security monitoring, network service scanning, network traffic analysis, password attacks, phishing, phishing attack, process injection, proxy, ransomware, reconnaissance, remote service exploitation, researched, scanner, security operations, security policy, service scan, sftp attack, social engineering, spam, ssh, ssh attack, ssh monitoring, staging_server, t1021, t1021.001, t1021.004, t1040, t1041, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1078, t1078.004, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1204.002, t1486, t1496, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1573, t1587.001, t1590.001, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat detection, threat intelligence, threat prevention, tor node, unauthorized access, unauthorized access attempt, unauthorized access attempts, united kingdom, valid accounts, vulnerability scan, web brute force

Activity Timeline

1 total obs (May 5)

Threat Activity Heatmap

Peak: 2026-05-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 48
Confidence: 48%
Reports: 23
First seen: Nov 8, 2024
Last seen: May 5, 2026
Geolocation: CY
Country: Cyprus
Location: Peyia, Lefkosia
ASN: AS5504
Org: Logosnet Services Limited
Coords: 35.0000, 33.0000

VirusTotal

Not checked

WHOIS

description: Banned by Fail2Ban [sshd]

raw:
inetnum: 213.169.136.0 - 213.169.139.255
netname: LOGOSNET-213-169-136
country: CY
admin-c: NN228-RIPE
tech-c: NN228-RIPE
status: ASSIGNED PA
remarks: INFRA-AW
mnt-by: LOGOSNET-MNT
created: 2020-10-14T15:21:58Z
last-modified: 2020-10-14T15:21:58Z
source: RIPE

person: Nicos Nicolaou
address: CY-1644, Cyprus
phone: +357 22 745000
fax-no: +357 22 350454
nic-hdl: NN228-RIPE
mnt-by: LOGOSNET-MNT
created: 2003-05-02T11:42:30Z
last-modified: 2010-12-17T16:16:11Z
source: RIPE # Filtered

route: 213.169.136.0/22
origin: AS5504
mnt-by: LOGOSNET-MNT
created: 2020-10-14T15:17:55Z
last-modified: 2020-10-14T15:17:55Z
source: RIPE

references:
https://github.com/telekom-security/tpotce
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
https://blog.edie.io/2020/04/30/diy-ip-threat-feed/
https://github.com/tankmek/threatfeed
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 23 threat reports