IOC Radar
IP · Medium · Signal 65/100

145.239.154.84

Location: Gravelines, Hauts-de-France, France
ASN: AS16276 (OVH)
First Seen: Nov 7, 2021
Last Seen: Jun 18, 2026
Found in 25 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 65%
Signal Score: 65 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 59 techniques

Network Information

Country: France (FR)
Region: Gravelines, Hauts-de-France
ASN: AS16276
Organization: OVH

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 25
Confidence score: 65%
Category tags
abuse, access control, active scan, active scanning, bad reputation, bad web bot, blacklist hit, blacklist ip, blacklisted ip activity, botnet, botnet activity, brute force, brute force attack, brute force attacks, code execution, code injection, command and control, command execution, command injection, common web exploits, communication protocol, credential access, credential harvesting, credential stuffing, data encryption, data exfiltration, data exfiltration attempts, data store exposure, database probing, database security, ddos, ddos attack, decoy system, denial of service, dhcp, dhcp abuse, dhcp probing, directory traversal, distributed attacks, elasticsearch, elasticsearch enumeration, elasticsearch vulnerability exploitation, encryption, enumeration, europe, exploitation activity, exploited host, finland, fr, france, ftp, ftp brute force, ftp brute-force, ftp exploitation, germany, hacking, honeynet connect, http brute force, http scanner, https, identity & access exploitation, ids, imap, imap brute force, indicator, information gathering, infrastructure acquisitionreconnaissance, injection activity, injection attacks, ioc, iot security, iot targeted, ips, lateral movement, ldap, ldap enumeration, ldap injection, ldap probing, lfi, login attempt, malicious software, malware, manual, memcached amplification attempt, memcached attack, memcached exploitation, mssql, mssql brute force, mssql exploitation, network, network enumeration, network intrusion, network intrusion attempts, network monitoring, network protocol, network reconnaissance, network scanning, network security, north america, ntp, ntp amplification, ntp amplification attempt, oracle, oracle database, oracle database attack, oracle exploitation, oracle scanning, password attack, password attacks, phishing, phishing attack, poland, postgres exploitation, postgresql scanning, process injection, protocol exploitation, proxy, qhn honeypot, qhoneypot detection, reconnaissance, redis enumeration, redis exploitation, remote access, remote services, researched, rfi, scan, scanner, scanning activity, security policy, server exploitation, smb brute force, smb exploitation, smb scanning, smtp brute force, snmp enumeration, snmp exploitation, social engineering, socks5, socks5 proxy, socks5 proxy detection, socks5 proxy use, spain, spam, sql injection, ssh attack, ssh exploitation, t1016, t1018, t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1040, t1046, t1053, t1055, t1059, t1059.001, t1059.003, t1059.004, t1059.005, t1068, t1071, t1071.001, t1076, t1077, t1078, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1192, t1195, t1199, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1587.001, t1588, t1590, t1590.001, t1592, t1595, t1595.001, t1595.002, t1595.003, t1600, targeting database, tcp scan, telnet exploitation, telnet threat, threat actor, threat intelligence, threat prevention, tor node, tsec, udp scan, unauthorized access attempt, unauthorized access attempts, united states, vnc protocol, vulnerability scan, waf, waf bypass, web application attack, web exploitation, web spam, web traffic, xss

Activity Timeline

1 total observation (Jun 18)

Threat Activity Heatmap

[Heatmap: observations by weekday, Jun through Jun of the following year]

24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: 65 (Medium Risk)
Coords: 50.9871, 2.1255

VirusTotal

Not checked


IOC Journey

medium
First detected 4 years ago · Last seen 2 days ago
Appeared in 25 threat reports