Ftp Authenticated Session Establishment

FTP session where a client probes for valid usernames, attempts authentication, switches to ASCII mode, and enters passive mode without performing explicit file listing or transfer operations. This reflects a completed login and session setup sequence, often observed during credential validation or preparatory access prior to further activity.

Observed IPs

Avg Confidence

75%

Severity

medium

Top IPs by event countFTP

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
118.193.47.212	99%	1,556	397	🇭🇰 HK	AS135377	2026-03-03
165.154.179.204	96%	1,212	421	🇷🇺 RU	AS135377	2026-03-05
118.194.249.72	96%	1,085	432	🇰🇷 KR	AS135377	2026-03-05
101.36.122.183	92%	1,055	330	🇭🇰 HK	AS135377	2026-03-05
128.14.237.43	91%	1,017	344	🇺🇸 US	AS135377	2026-03-05
118.194.250.31	99%	987	417	🇹🇭 TH	AS135377	2026-03-04
128.1.46.183	92%	904	289	🇷🇺 RU	AS135377	2026-03-05
128.14.236.128	89%	874	278	🇺🇸 US	AS135377	2026-03-04
128.14.236.30	96%	850	381	🇺🇸 US	AS135377	2026-03-04
101.36.105.50	95%	771	272	🇯🇵 JP	AS135377	2026-03-04
128.14.236.41	95%	761	379	🇺🇸 US	AS135377	2026-03-05
152.32.181.108	88%	709	253	🇦🇪 AE	AS135377	2026-03-04
128.14.239.39	96%	705	207	🇺🇸 US	AS135377	2026-03-04
165.154.11.172	96%	694	372	🇳🇬 NG	AS135377	2026-03-05
165.154.11.121	83%	624	333	🇳🇬 NG	AS135377	2026-03-05
165.154.119.217	92%	574	326	🇹🇭 TH	AS135377	2026-03-04
165.154.11.149	84%	541	224	🇳🇬 NG	AS135377	2026-02-26
152.32.206.64	98%	535	275	🇺🇸 US	AS135377	2026-03-04
118.26.104.78	96%	514	194	🇬🇧 GB	AS135377	2026-03-05
165.154.138.165	98%	507	225	🇩🇪 DE	AS135377	2026-03-04

Loading threats

Ftp Authenticated Session Establishment

Observed IPs

Avg Confidence

75%

Severity

medium

Top IPs by event countFTP

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
118.193.47.212	99%	1,556	397	🇭🇰 HK	AS135377	2026-03-03
165.154.179.204	96%	1,212	421	🇷🇺 RU	AS135377	2026-03-05
118.194.249.72	96%	1,085	432	🇰🇷 KR	AS135377	2026-03-05
101.36.122.183	92%	1,055	330	🇭🇰 HK	AS135377	2026-03-05
128.14.237.43	91%	1,017	344	🇺🇸 US	AS135377	2026-03-05
118.194.250.31	99%	987	417	🇹🇭 TH	AS135377	2026-03-04
128.1.46.183	92%	904	289	🇷🇺 RU	AS135377	2026-03-05
128.14.236.128	89%	874	278	🇺🇸 US	AS135377	2026-03-04
128.14.236.30	96%	850	381	🇺🇸 US	AS135377	2026-03-04
101.36.105.50	95%	771	272	🇯🇵 JP	AS135377	2026-03-04
128.14.236.41	95%	761	379	🇺🇸 US	AS135377	2026-03-05
152.32.181.108	88%	709	253	🇦🇪 AE	AS135377	2026-03-04
128.14.239.39	96%	705	207	🇺🇸 US	AS135377	2026-03-04
165.154.11.172	96%	694	372	🇳🇬 NG	AS135377	2026-03-05
165.154.11.121	83%	624	333	🇳🇬 NG	AS135377	2026-03-05
165.154.119.217	92%	574	326	🇹🇭 TH	AS135377	2026-03-04
165.154.11.149	84%	541	224	🇳🇬 NG	AS135377	2026-02-26
152.32.206.64	98%	535	275	🇺🇸 US	AS135377	2026-03-04
118.26.104.78	96%	514	194	🇬🇧 GB	AS135377	2026-03-05
165.154.138.165	98%	507	225	🇩🇪 DE	AS135377	2026-03-04