IPMediumSignal 16/100
145.239.16.70
Location
PolandWroclaw, Lower Silesia
ASN
AS16276
OVH Sp. z o. o
First Seen
Aug 22, 2025
Last Seen
Jun 6, 2026
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
16%
Signal Score
16 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryPoland
PolandRegionWroclaw, Lower Silesia
ASNAS16276
OrganizationOVH Sp. z o. o
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
7 reports16% confidence
7
Source reports
16%
Confidence score
Category tags
active scanactive scanninganonymity serviceanonymization networkanonymization network trafficanonymization networksanonymization servicesanonymous proxy networkanonymous_proxyapplication layer protocolattackattack infrastructureattack-vector:brute-forceattack-vector:port-scanauthentication attemptsautomated network attacksbrute forcebrute force attackbrute force attacksbrute_forcebrute_force_attackcommunication protocolcredential accesscredential attackcredential stuffingcredential_attackcredential_guessingcredential_stuffingdata encryptionddosdenial of serviceencryptionenumeration activityeuropeevent-type:credential-accessevent-type:initial-accessevent-type:reconnaissanceexploitation activityexternal threatfailed login attemptsfinlandfranceftpftp brute forceftp_brute_forcegermanyhoneynet connecthttp brute forcehttp scannerhttp/shttp_httpshttpsi2p networkidentity & access exploitationindicatorindicators of compromiseindicators_of_compromiseinformation technologyinitial accessinitial_accessiocit infrastructurelateral movementlogin attemptmalicious activitymalicious_activitymalicious_ip_activitymalwarenetworknetwork attacksnetwork enumerationnetwork intrusionnetwork intrusion attemptnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnetwork_enumerationnetwork_reconnaissancenorth americapassword attackpassword attackspolandprotocol exploitationprotocol:ftpprotocol:httpprotocol:httpsprotocol:rdpprotocol:smtpprotocol:sshprotocol:telnetproxyproxy networkproxy serverproxy serversransomwarerdp_brute_forcereconnaissancereconnaissance activityremote accessremote servicesresearchedscanning activitysecurity operationssecurity_eventservice discoveryservice scanservice scanningsmb brute forcesmtpsmtp brute forcesoftware developmentssh attackssh_brute_forcesuspected malicious activityt1016t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1046t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1077t1078t1090t1090 - proxyt1090.002t1090.003t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1499.002t1499.003t1563t1583t1589.002t1590t1590.005t1592t1595t1595.001t1595.002t1595.003tcp scantcp scanningtelnet threatthreat actorthreat intelligencethreat-actor:unattributedthreat_actor_activitythreat_indicatorthreat_intelligencetortor networktor nodeudp scanunauthorized accessunauthorized access attemptunauthorized access attemptsunidentified threat actorunited statesunknown threat actorvpnvpn networkvpn servicevulnerability scanweb traffic
Activity Timeline
Jun 6Jun 6
Threat Activity Heatmap
· Peak: 2026-06-06LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
16
SIGNAL
Signal Score
16%
Confidence
7
Reports
First seenAug 22, 2025
Last seenJun 6, 2026
GeolocationPL
CountryPoland
LocationWroclaw, Lower Silesia
ASNAS16276
OrgOVH Sp. z o. o
Coords51.0980, 17.0321
ProxyVPN
VirusTotal
Not checked
WHOIS
- description
- Anonymization_Network indicators. Date: Apr 8, 2026. Part 3/5. For more threat intelligence visit https://ltna.com.au/cyber
- raw
- inetnum: 145.239.16.64 - 145.239.16.127 netname: OVH-DEDICATED-FO country: PL descr: Failover IPs org: ORG-OS23-RIPE admin-c: OTC12-RIPE tech-c: OTC12-RIPE status: ASSIGNED PA mnt-by: OVH-MNT created: 2017-06-20T09:50:08Z last-modified: 2017-06-20T09:50:08Z source: RIPE organisation: ORG-OS23-RIPE org-name: OVH Sp. z o. o. org-type: OTHER address: ul. Swobodna 1 address: 50-088 Wroclaw address: Poland admin-c: OTC2-RIPE mnt-ref: OVH-MNT mnt-by: OVH-MNT created: 2005-09-02T12:40:01Z last-modified: 2019-08-08T07:47:57Z source: RIPE # Filtered role: OVH PL Technical Contact address: OVH Sp. z o. o. address: ul. Swobodna 1 address: 54-088 Wroclaw address: Poland admin-c: OK217-RIPE tech-c: GM84-RIPE nic-hdl: OTC12-RIPE abuse-mailbox: [email protected] mnt-by: OVH-MNT created: 2009-09-16T16:09:56Z last-modified: 2019-08-08T07:50:01Z source: RIPE # Filtered route: 145.239.0.0/16 descr: OVH origin: AS16276 mnt-by: OVH-MNT created: 2017-06-19T13:48:30Z last-modified: 2017-06-19T13:48:30Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 9 months ago · Last seen 8 days ago
Appeared in 7 threat reports