194.165.16.12 Threat Intelligence and Host Information

Aug 27, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 194.165.16.12 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force

  • Tags: brute force, cisco, cowrie, honeytrap, LAMP, malicious, nmap, port-scan, rdp, sftp, ssh

  • View other sources: Spamhaus VirusTotal

  • Country: Monaco
  • Network:
  • Noticed: 5 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia

Malware Detected on Host

Count: 6281 f1c684c0b293e53212e0edf9429bb7adc7bf6b56373c5d2eee010ea2a94c37ad 55f040af3c22106201ae7ac1088bf4b00f2ef92a048998b59630032fdf156562 8ce7086fa9037560fe7517781c47b6767560837e6443e78962dea9083c4586c7 bcfdf42151c555fdebb25fd7882bd412c7e6291c688561610283740c55434ae4 cdd23ad25c98df9187a7e8b2792fbe0cc99d258f190b2280b54af3fee4109468 74c1db55929de92b9323a1db1cc4866f955759644bfdb43c7b8ef34a67cf7afa d8c2bbc88ca90b2bb12f2feb7be9724900e7f0b126028e7c4276fbeaf72279c8 22be4c8b3e918520dc86d436d08d7f98da4e4280b694cf1f5604b4a374be61bb 37bc651598dc25b0b5d5702c0abecaddcb1f5b249bb0ddbd8ba6429e05baba12 c5b92712a2c933cce5c6c0099dfebd6e36eba427150d18baec00ce5968696f77

Map

Whois Information

  • inetnum: 194.165.16.0 - 194.165.17.255
  • netname: PA-FLYSERVERS
  • country: EU
  • org: ORG-FS255-RIPE
  • admin-c: FGNO1-RIPE
  • tech-c: FGNO1-RIPE
  • status: ASSIGNED PI
  • mnt-by: mnt-pa-flyservers-1
  • mnt-by: RIPE-NCC-END-MNT
  • created: 2021-12-15T13:46:35Z
  • last-modified: 2021-12-15T17:17:28Z
  • organisation: ORG-FS255-RIPE
  • org-name: Flyservers S.A.
  • country: PA
  • org-type: LIR
  • address: 50th Street, Global Bank Tower, Suite 1801
  • address: 0831-2482
  • address: Panama City
  • address: PANAMA
  • phone: +5078321840
  • admin-c: FGNO1-RIPE
  • mnt-ref: Mnets-Admin
  • tech-c: FGNO1-RIPE
  • abuse-c: FGNO1-RIPE
  • mnt-ref: mnt-pa-flyservers-1
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: mnt-pa-flyservers-1
  • created: 2018-12-04T17:00:47Z
  • last-modified: 2022-02-01T07:35:14Z
  • role: FLYSERVERS GLOBAL NETWORK OPERATION CENTRE
  • address: 50th Street, Global Bank Tower, Suite 1801
  • address: Panama
  • abuse-mailbox: abuse@flyservers.com
  • nic-hdl: FGNO1-RIPE
  • mnt-by: mnt-pa-flyservers-1
  • created: 2021-02-10T10:06:27Z
  • last-modified: 2021-02-10T10:06:27Z
  • route: 194.165.16.0/24
  • origin: AS48721
  • mnt-by: mnt-pa-flyservers-1
  • created: 2021-12-15T17:18:44Z
  • last-modified: 2021-12-15T17:18:44Z

Links to attack logs

****** nmap-scanning-list-2022-09-01 ****** ******

Share on: