IOC Radar
IPMediumSignal 51/100

145.239.97.206

Location
FranceFrance
Roubaix, Hauts-de-France
ASN
AS16276
Pablo Alberto Liuzzi
First Seen
Aug 1, 2025
Last Seen
Jun 13, 2026
Aug 1
First Seen
326d ago
Jun 13
Last Seen
10d ago
8
Reports
source reports
51%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

40 techniques

Network Information

CountryFRFrance
RegionRoubaix, Hauts-de-France
ASNAS16276
OrganizationPablo Alberto Liuzzi

Feed Intelligence Summary

8 reports51% confidence
8
Source reports
51%
Confidence score
Category tags
academic institutionsactive scanactive scanningauthentication attackbackdoorbotnetbotnet activitybrute forcecivil servicescommand and controlcredential accesscredential stuffingcvedata exfiltrationdata store exposuredistributed attackseducational resourceseducational serviceseducational technologyelectronic health recordsenterprise securityenumerationeuropeexploit kitexploitationexploitation activityfranceftpftp brute forcegovernment technologyhealth care and social assistancehealth information technologyhealthcare information systemshigher educationhospital managementhttp brute forceidentity & access exploitationindicatorinjection activityk-12 educationlateral movementmalicious softwaremalwaremedical servicesmicrosoft sharepointnetworknetwork intrusion attemptnetwork scanningnetwork securityon-premisespalo altopalo alto networkspassword attackpatch managementpatient carephishingpotential compromiseprocess injectionprotocol exploitationprotonpublic administrationpublic infrastructurepublic policyreconnaissanceregulatory agenciesremote accessremote code executionremote servicesresearchedrloginscanning activityservice enumerationsoftware vulnerabilitiesssh attackt1021t1021.001t1021.006t1027t1040t1055t1059t1059.001t1059.003t1059.004t1068t1071.001t1076t1078t1082t1083t1105t1110t1110.002t1133t1140t1189t1190t1204.002t1210t1213t1486t1496t1499.002t1499.003t1505.003t1552.001t1555t1563t1565t1566t1595t1595.001t1595.002t1595.003telnet threatthreat actortor nodeunauthenticated accessunauthorized access attemptunitvnc protocolvulnerabilityvulnerability scanweb applicationweb application attackweb shell

Activity Timeline

1 total obs
Jun 13Jun 13

Threat Activity Heatmap

· Peak: 2026-06-13
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
8
Reports
First seenAug 1, 2025
Last seenJun 13, 2026
GeolocationFR
CountryFrance
LocationRoubaix, Hauts-de-France
ASNAS16276
OrgPablo Alberto Liuzzi
Coords48.8582, 2.3387

VirusTotal

Not checked

WHOIS

description
CC=IT ASN=AS16276 ovh sas
raw
inetnum: 145.239.97.200 - 145.239.97.207 netname: OVH_251672083 country: IT descr: Failover Ips org: ORG-PAL8-RIPE admin-c: OTC5-RIPE tech-c: OTC5-RIPE status: ASSIGNED PA mnt-by: OVH-MNT created: 2019-12-19T10:58:25Z last-modified: 2019-12-19T10:58:25Z source: RIPE organisation: ORG-PAL8-RIPE org-name: Pablo Alberto Liuzzi org-type: OTHER address: Via Portuense 956 address: 00148 Roma address: IT phone: +39.066534735 mnt-ref: OVH-MNT mnt-by: OVH-MNT created: 2016-10-06T13:08:03Z last-modified: 2017-10-30T16:53:13Z source: RIPE # Filtered role: OVH IT Technical Contact address: OVH Srl address: Via Carlo Imbonati, 18 address: 20159 Milano address: Italia admin-c: OK217-RIPE tech-c: GM84-RIPE nic-hdl: OTC5-RIPE abuse-mailbox: [email protected] mnt-by: OVH-MNT created: 2008-09-16T16:47:07Z last-modified: 2019-05-24T08:39:22Z source: RIPE # Filtered route: 145.239.0.0/16 descr: OVH origin: AS16276 mnt-by: OVH-MNT created: 2017-06-19T13:48:30Z last-modified: 2017-06-19T13:48:30Z source: RIPE
references
https://unit42.paloaltonetworks.com/microsoft-sharepoint-cve-2025-49704-cve-2025-49706-cve-2025-53770/, https://unit42.paloaltonetworks.com/microsoft-sharepoint-cve-2025-49704-cve-2025-49706-cve-2025-53770/#post-147463-_50343o6a6han

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 10 months ago · Last seen 10 days ago
Appeared in 8 threat reports