IOC Radar
IPMediumSignal 55/100

185.156.73.54

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS211736
IP Kiktev Nikolay Vladimirovich
First Seen
Sep 24, 2020
Last Seen
Mar 13, 2026
Sep 24
First Seen
2098d ago
Mar 13
Last Seen
101d ago
4
Reports
source reports
55%
Confidence
medium
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS211736
OrganizationIP Kiktev Nikolay Vladimirovich

Feed Intelligence Summary

4 reports55% confidence
4
Source reports
55%
Confidence score
Category tags
active scanningapplication layer protocolbrute forcebrute force attackcommunication protocolcredential accesscredential stuffingdatabase attacksdecoy systemdenial of serviceexploit probingftpftp brute forcehttp brute forcehttp scannerhttpsindicatorlateral movementmalware propagation attemptnetherlandsnetworknetwork attacksnetwork enumerationnetwork intrusion detectionnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnorth americapassword attackpassword attackspossible botnet activitypossible reconnaissanceprotocol exploitationreconnaissanceremote accessremote servicesresearchedscannerscanning activitysmb brute forcessh attacksyn scant1016t1021t1021.001t1021.002t1021.003t1040t1046t1053t1059t1059.004t1068t1071.001t1076t1078t1087t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1210t1499.001t1499.002t1499.003t1563t1588t1588.002t1589t1590t1592t1595t1595.001t1595.002t1595.003tcp protocoltcp scanningtelnet threatthreat intelligencetsecunauthorized accessunauthorized access attemptunauthorized access attemptsunited statesvalid accountsweb application attackweb exploitationweb traffic

Activity Timeline

1 total obs
Mar 13Mar 13

Threat Activity Heatmap

· Peak: 2026-03-13
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
4
Reports
First seenSep 24, 2020
Last seenMar 13, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS211736
OrgIP Kiktev Nikolay Vladimirovich
Coords52.3676, 4.9041

VirusTotal

Not checked

WHOIS

description
HoneyNet Event: 185.156.73.54 connected: 10 times over ports: 9428, 9474 Tags: P0f,9428, 9474

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 3 months ago
Appeared in 4 threat reports