IOC Radar
IP · Medium · Signal 79/100

204.76.203.196

Location
Saint Kitts and Nevis
Eygelshoven, Bayern
ASN
AS51396
Intelligence Hosting LLC
First Seen
Jan 29, 2025
Last Seen
Jun 17, 2026
16
Reports
source reports
79%
Confidence
medium
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
79%
Signal Score
79 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

3 techniques

Network Information

Country: KN, Saint Kitts and Nevis
Region: Eygelshoven, Bayern
ASN: AS51396
Organization: Intelligence Hosting LLC

Feed Intelligence Summary

16 reports · 79% confidence
Category tags
abuse; abusech-urlhaus-c2c; active scan; active scanning; apt; arm; ascii; attack; bad reputation; botnet; botnet activity; brute force; brute force attacker; c2; coinminer; command & control; cryptocurrency; de; dropped-by-phorpiex; elf; encoded; europe; exe; executable file; gafgyt; germany; guloader; hacking; hajime; indicator; infostealer; m68k; malicious activity; malware; mips; mirai; mozi; netherlands; network; nl; opendir; phishing; powerpc; rat; reconnaissance; redtail; remcosrat; researched; risc-v; rustystealer; saint helena, ascension and tristan da cunha; saint kitts and nevis; scams & fraud; scanner; self-signed; sh; sparc; superh; t1595.001; t1595.002; t1595.003; threat actor; tor node; trojan; ua-wget; x86; x86-32; zip

Activity Timeline

1 total obs

Threat Activity Heatmap

Peak: 2026-06-17
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 79
Confidence: 79%
Reports: 16
First seen: Jan 29, 2025
Last seen: Jun 17, 2026
Geolocation: KN
Country: Saint Kitts and Nevis
Location: Eygelshoven, Bayern
ASN: AS51396
Org: Intelligence Hosting LLC
Coords: 48.6350, 13.3426

VirusTotal

Not checked

WHOIS

raw
inetnum: 204.75.230.0 - 204.76.255.255
netname: NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
descr: IPv4 address block not managed by the RIPE NCC
remarks: ------------------------------------------------------
remarks:
remarks: For registration information,
remarks: you can consult the following sources:
remarks:
remarks: IANA
remarks: http://www.iana.org/assignments/ipv4-address-space
remarks: http://www.iana.org/assignments/iana-ipv4-special-registry
remarks: http://www.iana.org/assignments/ipv4-recovered-address-space
remarks:
remarks: AFRINIC (Africa)
remarks: http://www.afrinic.net/ whois.afrinic.net
remarks:
remarks: APNIC (Asia Pacific)
remarks: http://www.apnic.net/ whois.apnic.net
remarks:
remarks: ARIN (Northern America)
remarks: http://www.arin.net/ whois.arin.net
remarks:
remarks: LACNIC (Latin America and the Carribean)
remarks: http://www.lacnic.net/ whois.lacnic.net
remarks:
remarks: ------------------------------------------------------
country: EU # Country is really world wide
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
status: ALLOCATED UNSPECIFIED
mnt-by: RIPE-NCC-HM-MNT
created: 2025-07-08T14:17:14Z
last-modified: 2025-07-08T14:17:14Z
source: RIPE

role: Internet Assigned Numbers Authority
address: see http://www.iana.org.
admin-c: IANA1-RIPE
tech-c: IANA1-RIPE
nic-hdl: IANA1-RIPE
remarks: For more information on IANA services
remarks: go to IANA web site at http://www.iana.org.
mnt-by: RIPE-NCC-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2001-09-22T09:31:27Z
source: RIPE # Filtered

IOC Journey

medium
First detected 1 year ago · Last seen 7 days ago
Appeared in 16 threat reports