IOC Radar
IPMediumSignal 62/100

185.254.197.231

Location
UkraineUkraine
First Seen
Mar 28, 2026
Last Seen
Jun 10, 2026
Mar 28
First Seen
92d ago
Jun 10
Last Seen
17d ago
5
Reports
source reports
62%
Confidence
medium
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
62%
Signal Score
62 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryUAUkraine
RegionKyiv City

IP Category

VPN
VPN exit node

Feed Intelligence Summary

5 reports62% confidence
5
Source reports
62%
Confidence score
Category tags
active scanactive scanningbad web botbotnet activitybrute forcebrute force attackbrute-forcebruteforcecredential accesscredential stuffingddosddos attackdenial of serviceeuropeexploitation activityexploited hostftp brute-forcehackingidentity & access exploitationindicatorinjection activitynetworkpassword attacksphishingping of deathreconnaissanceresearchedscannerspamsql injectiont1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003targeting databaseukrainevpnvpn ipweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
Jun 10Jun 10

Threat Activity Heatmap

· Peak: 2026-06-10
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
62
SIGNAL
Signal Score
62%
Confidence
5
Reports
First seenMar 28, 2026
Last seenJun 10, 2026
GeolocationUA
CountryUkraine
LocationKyiv City
Coords50.4504, 30.5245
VPN

VirusTotal

Not checked

WHOIS

raw
inetnum: 185.254.196.0 - 185.254.199.255 netname: UA-VSYS-20180411 country: UA org: ORG-VSL22-RIPE admin-c: VS10657-RIPE tech-c: VS10657-RIPE geofeed: https://vsys.host/geofeed.csv status: ALLOCATED PA mnt-by: VSYS-MNT mnt-by: RIPE-NCC-HM-MNT created: 2021-05-25T06:57:27Z last-modified: 2025-09-04T08:53:53Z source: RIPE organisation: ORG-VSL22-RIPE org-name: Virtual Systems LLC country: UA org-type: LIR address: Laboratorna str., building 33/37 address: 03150 address: Kiyv address: UKRAINE phone: +380981968199 phone: +380445915679 reg-nr: 41872207 admin-c: VS10657-RIPE tech-c: VS10657-RIPE abuse-c: AR50431-RIPE mnt-ref: VSYS-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: VSYS-MNT created: 2019-01-23T14:51:44Z last-modified: 2026-04-29T05:39:03Z source: RIPE # Filtered person: Vyacheslav Smyrnov address: Laboratorna 33/37 address: 03150 address: Kiyv address: UKRAINE phone: +380981968199 nic-hdl: VS10657-RIPE mnt-by: VSYS-MNT created: 2019-01-23T14:51:44Z last-modified: 2020-12-24T12:00:56Z source: RIPE route: 185.254.196.0/23 origin: AS30860 mnt-by: VSYS-MNT created: 2021-05-25T16:46:35Z last-modified: 2021-05-25T16:46:35Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 17 days ago
Appeared in 5 threat reports