IPMediumSignal 34/100

`95.143.193.125`

Location

Sweden

Hudiksvall, X

ASN

AS49770

Internetport Sweden AB

First Seen

Aug 26, 2020

Last Seen

Jun 23, 2026

Aug 26

First Seen

2130d ago

Jun 23

Last Seen

3d ago

Reports

source reports

34%

Confidence

medium

Found in 31 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

34%

Signal Score

34 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

69 techniques

Network Information

Country

Sweden

RegionHudiksvall, X

ASNAS49770

OrganizationInternetport Sweden AB

IP Category

⟲

Proxy

Proxy server

⊕

VPN

VPN exit node

Feed Intelligence Summary

31 reports34% confidence

Source reports

34%

Confidence score

Category tags

access controlaccount compromiseacintactive scanactive scanningaerospace & defenseagentagent teslaalexaalexa topall octoseekanonymity network abuseanonymization networkanonymization network trafficanonymization_network_originanonymization_service_trafficanonymous proxiesappdataappleapple iosartemisascii textasiaasnone unitedasyncratattackauto-generated securityautomated_attackautomotive manufacturingazorultbad reputationbangladeshbankbank securitybankerbazaloaderbazarloaderbitcoinblacklist httpblacklist httpsblockchainblocklistbodybotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptsbrute_forcebrute_force_attackchinacisco umbrellacivil servicesclasscleanerclickclick-based attackcobalt strikecommand and controlcommodity contracts intermediationcommunication protocolconduitcorecovid19credential accesscredential harvestingcredential stuffingcredential_accesscredential_guessingcredential_stuffingcry killcrypto exchangecrypto miningcrypto walletcryptocurrencycyber threatdapatodata encryptiondata exfiltrationdata store exposureddosddos attackddos attacksdecentralized financedecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedetection listdigital currencydistributed attacksdns attackdomaindownldrdownloaderdroppeddropperelectronics manufacturingemotetencpkencryptencryptionengineeringentriesenumerationerroret toreuropeeurope/asiaexitexit nodeexit node threatexpiredexploitation activityextortionfalconfali contactedfali maliciousfilefilesfinancefinancial institutionfinancial servicesfinlandfireholfranceftpftp brute forceftp_attemptsftp_brute_forcefusioncoregeneratorgenericgeneric malwaregermanygovernment technologyheurhoneynet connecthostnamehostname enumerationhttp brute forcehttp scannerhttpshybrididentity & access exploitationiframeindicatorindicatorsindicators_of_compromiseindustrial automationindustrial iotindustrial productioninformation gatheringinformation technologyinfostealerinfrastructure acquisitionreconnaissanceingress tool transferinitial accessinitial_accessinitial_access_attemptinjection activityinternet of thingsinternet stormiobitiociot botnetiot securityiot/ics attackipv4it infrastructurejapan unknownkeep alivekeyloggerknown torlateral movementlocallockbitlogin attemptlookmalaysiamalicious activitymalicious downloadmalicious linksmalicious sitemalicious softwaremalicious url repositorymalicious-ipmalvertizingmalwaremalware distributionmalware noradmalware sitemanufacturing technologymediametametadata analysismeterpretermilitary operationsmillionminermiraimirai botnetmisc attackmobile threatmovedmsilname verdictnanocore ratnational securitynetwire rcnetworknetwork attacksnetwork intrusionnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork trafficnetwork_attacknetwork_indicatorsnetwork_reconnaissancenetwormnextnextraynjratnode trafficnoname057north americaopenpassive dnspassword attackpassword attackspattern matchpayment securitypayment system attackpaypalphishphishingphishing attackphishing intelligencephishing sitepng imagepolandponypossible credential stuffingpossible reconnaissancepotential botnet activitypredatorprocess injectionprocess manufacturingprotocol exploitationprotocol scanningprotocol_scanningproxyproxy ipspublic administrationpublic infrastructurepublic policypulse pulsesqakbotqbotquality controlquasarraccoonransomransomexxransomwarerdp_attemptsrdp_brute_forcereconnaissancereconnaissance activityredlineredline stealerrefreshregulatory agenciesremcosremcos trojanremote accessremote servicesresearchedrestartrostpayrussiarussia unknownrussian federationsafe sitesamplesscams & fraudscan endpointsscannerscanning activityscriptsesearchsecurity operationssecurity policyserviceservice enumerationsilk roadsitesmokeloadersmtpsmtp brute forcesocial engineeringsocial media securitysoftware developmentspamspamhausspanspyrixkeyloggerspywaressh attackssh_attemptsssh_brute_forcessl certificatestealerstringssummarysupply chain attacksupply chain managementswedenswrortsyn scansystem disruptiont1016t1018t1021t1021.001t1021.002t1027t1040t1046t1055t1056.001t1059t1059.001t1059.003t1059.007t1068t1071t1071.001t1071.002t1071.004t1076t1077t1078t1083t1090t1090 proxyt1090.002t1105t1110t1110 brute forcet1110.001t1110.002t1110.003t1110.004t1114t1133t1176t1190t1204.001t1204.002t1486t1490t1491t1496t1497t1499.001t1499.002t1499.003t1563t1564.003t1565t1566t1566.001t1566.002t1566.003t1569.002t1571t1572t1573t1583.001t1587.001t1588t1588.002t1589t1589.001t1590t1590.001t1590.005t1595t1595 active scanningt1595.001t1595.002t1595.003tag counttcp protocoltcp scantcp scanningteamtelnet threattelnet_attemptsthreat actorthreat infrastructurethreat intelligencethreat preventionthreat reportthreat-intelthreat_activitythreat_actor_activitythreat_intelligencethreat_intelligence_feedtoolstortor activitytor exit nodetor networktor network activitytor nodetor_exit_nodetrojantrojan malwaretrojanspytsara brashearstwittertypeudp scanunattributed_threat_activityunauthorized access attemptunionunitedunited kingdomunited statesunsafeurlsuser executionverifyvidarvpnvpn trafficwacatacweb spamweb trafficwindows ntxcnfe

Activity Timeline

1 total obs

Jun 23Jun 23

Threat Activity Heatmap

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

Minimal

30d

Minimal

3mo

Minimal

Threat ScoreLow Risk

SIGNAL

Signal Score

34%

Confidence

Reports

First seenAug 26, 2020

Last seenJun 23, 2026

GeolocationSE

CountrySweden

LocationHudiksvall, X

ASNAS49770

OrgInternetport Sweden AB

Coords61.7134, 17.1011

ProxyVPN

VirusTotal

Not checked

WHOIS

description: Anonymization_Network indicators. Date: Apr 8, 2026. Part 1/5. For more threat intelligence visit https://ltna.com.au/cyber
raw: inetnum: 95.143.192.0 - 95.143.207.255 netname: SE-SERVERCONNECT-20090908 country: SE org: ORG-SSA89-RIPE admin-c: NOD64-RIPE tech-c: NOD64-RIPE status: ALLOCATED PA mnt-by: RIPE-NCC-HM-MNT mnt-by: MNT-SERVERCONNECT mnt-lower: MNT-SERVERCONNECT mnt-routes: MNT-SERVERCONNECT created: 2009-09-08T09:09:12Z last-modified: 2023-04-28T12:25:52Z source: RIPE # Filtered organisation: ORG-SSA89-RIPE org-name: Internetport Sweden AB country: SE org-type: LIR address: Sj�tullsgatan 16 address: 824 55 address: HUDIKSVALL address: SWEDEN phone: +46650402000 fax-no: +46650601024 admin-c: NOD64-RIPE abuse-c: AR17217-RIPE mnt-ref: RIPE-NCC-HM-MNT mnt-ref: MNT-SERVERCONNECT mnt-by: RIPE-NCC-HM-MNT mnt-by: MNT-SERVERCONNECT created: 2009-04-22T09:28:40Z last-modified: 2023-04-28T12:24:42Z source: RIPE # Filtered role: Network Operations Department admin-c: MM57482-RIPE tech-c: MM57482-RIPE tech-c: PF657-RIPE admin-c: PF657-RIPE phone: +46 650 40 2000 address: Sj�tullsgatan 16, 82455 HUDIKSVALL nic-hdl: NOD64-RIPE mnt-by: MNT-SERVERCONNECT created: 2023-02-15T14:11:41Z last-modified: 2023-02-15T14:26:44Z source: RIPE # Filtered route: 95.143.192.0/20 descr: INTERNETPORT AB -BL origin: AS49770 mnt-by: MNT-SERVERCONNECT created: 2009-12-16T13:36:38Z last-modified: 2014-03-06T16:31:14Z source: RIPE
references: https://raw.githubusercontent.com/platformbuilds/Tor-IP-Addresses/refs/heads/master/tor-exit-nodes.lst, https://check.torproject.org/torbulkexitlist, https://wallpapers-nature.com/tsara-brashears/urlscan-io, alohatube.xyz, https://www.anyxxxtube.net/search-porn/tsara-brashears/, http://alohatube.xyz/search/tsara-brashears, https://www.pornhub.com/gifs/search?search=tsara+lynn+brashears+lesbian, ww.google.com.uy, https://alohatube.xyz/search/tsara-brashears, https://wallpapers-nature.com/%20tsara-brashears/urlscan-io, https://polling.portal.gov.bd/js/npc.script.js, polling.portal.gov.bd, https://polling.portal.gov.bd/js/npop.script.js, http://watchhers.net/index.php, https://brandyallen.com/2022/11/23/sexy, m.pornsexer.xxx.3.1.adiosfil.roksit.net, http://park.above.com/jr.php?gz=DjDNgvDQ0WlpBALxevxSvkF3jBH95b5riUvmgFjb1tbPDV06suYFlRcPA34ufLE5UZ8spiM7ya7tRXR8nLUgk920DSaIXniiR5hkoveznG%20mez7OU5R%20HKIczV475LuRwxm3J1pcRSpQcePtF/4aD%20frLO%205mYc0Maj8Z1IwBeAMESc9Gk3BzCkGUHNVeCAZ9vZrQhEeVvN%20QVBAu1boZNJTnvCAP0lB5ebMSP92bFHD/ItyL53LoVDSYWMd64KTNMMJaXE0kZVqQn/%20STriQbrA6cmW3Xj4sAJ3XXEbNNJzTbIvgsy00PlKWInEUK/iXzVecaBsXg3vkUcvkeM3HPPIajaBexXO7ATYz/qTeKAksI9l2IoDAsn0S9BYCTuP8uTYdgJAv0LO%20MkNBOrSqJnFQzTlNxG4NRSP6K4VDWklVPpCwQc/s/AfrwIdLcdrV6CQDLaluG1naOjXDc, http://nhrc.portal.gov.bd/sites/default/files/files/nhrc.portal.gov.bd/page/348ec5eb_22f8_4754_bb62_6a0d15ba1513/Study-Report-on-Sexual-Offences_Final.pdf, https://twitter.com/PORNO_SEXYBABES, https://alohatube.xyz/search/sex-mom-dog-animal, https://www.colorfulbox.jp/, Hybrid Analysis, Any.run, OTX AlienVault, Urlscan, UrlVoid, http://emrd.gov.bd/dead.php, http://titasgas.portal.gov.bd/dead.php, http://mincom.gov.bd/dead.php, http://cabinet.gov.bd/dead.php

`95.143.193.125`

MITRE ATT&CK TTPs

Network Information

IP Category

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey