IOC Radar
IPMediumSignal 44/100

194.165.16.13

Location
LithuaniaLithuania
Kaunas, Kaunas
ASN
AS48721
Flyservers S.A
First Seen
Dec 26, 2020
Last Seen
May 22, 2026
Dec 26
First Seen
1995d ago
May 22
Last Seen
22d ago
18
Reports
source reports
44%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

21 techniques

Network Information

CountryLTLithuania
RegionKaunas, Kaunas
ASNAS48721
OrganizationFlyservers S.A

Feed Intelligence Summary

18 reports44% confidence
18
Source reports
44%
Confidence score
Category tags
active scanactive scanningattackbrute forcebrute force attackbruteforcecommunication protocolcredential accesscredential stuffingdata store exposuredatabase attacksdecoy systemexploitation activityftpftp brute forcehttp brute forcehttp scanneridentity & access exploitationindicatorinformation technologyit infrastructuremalicious activitymalwaremonaconetworknetwork attacksnetwork enumerationnetwork reconnaissancenetwork scanningnetwork securitynorth americapassword attackspossible reconnaissanceprotocol exploitationreconnaissanceremote accessremote servicesresearchedscannerscanningscanning activitysmtpsoftware developmentsshssh attacksuspicious-udpt1021t1021.001t1040t1046t1053t1059t1068t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1499.002t1499.003t1595t1595.001t1595.002t1595.003targeting databasetcptcp protocoltelnet threatthreat actorthreat intelligencetor nodetsecunauthorized accessunited statesvncvnc protocolweb traffic

Activity Timeline

1 total obs
May 22May 22

Threat Activity Heatmap

· Peak: 2026-05-22
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
18
Reports
First seenDec 26, 2020
Last seenMay 22, 2026
GeolocationLT
CountryLithuania
LocationKaunas, Kaunas
ASNAS48721
OrgFlyservers S.A
Coords43.7312, 7.4138

VirusTotal

Not checked

WHOIS

description
HoneyNet Event: 194.165.16.13 connected: 6 times over ports: 3390 Tags: P0f, Honeytrap,3390
raw
inetnum: 194.165.16.0 - 194.165.17.255 netname: PA-FLYSERVERS country: EU org: ORG-FS255-RIPE admin-c: FGNO1-RIPE tech-c: FGNO1-RIPE status: ASSIGNED PI mnt-by: mnt-pa-flyservers-1 mnt-by: RIPE-NCC-END-MNT created: 2021-12-15T13:46:35Z last-modified: 2021-12-15T17:17:28Z source: RIPE organisation: ORG-FS255-RIPE org-name: Flyservers S.A. country: PA org-type: LIR address: 50th Street, Global Bank Tower, Suite 1801 address: 0831-2482 address: Panama City address: PANAMA phone: +5078321840 admin-c: FGNO1-RIPE mnt-ref: Mnets-Admin tech-c: FGNO1-RIPE abuse-c: FGNO1-RIPE mnt-ref: mnt-pa-flyservers-1 mnt-by: RIPE-NCC-HM-MNT mnt-by: mnt-pa-flyservers-1 created: 2018-12-04T17:00:47Z last-modified: 2022-02-01T07:35:14Z source: RIPE # Filtered role: FLYSERVERS GLOBAL NETWORK OPERATION CENTRE address: 50th Street, Global Bank Tower, Suite 1801 address: Panama abuse-mailbox: [email protected] nic-hdl: FGNO1-RIPE mnt-by: mnt-pa-flyservers-1 created: 2021-02-10T10:06:27Z last-modified: 2021-02-10T10:06:27Z source: RIPE # Filtered route: 194.165.16.0/24 origin: AS48721 mnt-by: mnt-pa-flyservers-1 created: 2021-12-15T17:18:44Z last-modified: 2021-12-15T17:18:44Z source: RIPE
references
https://purplesynapz.com/, QilinIoC.txt, https://twitter.com/RdpSnitch/status/1607892890243457024, https://twitter.com/RdpSnitch/status/1607892891711438848

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 22 days ago
Appeared in 18 threat reports