IOC Radar
IPMediumSignal 23/100

149.56.140.114

Location
CanadaCanada
Montreal, QC
ASN
AS16276
OVH Hosting, Inc.
First Seen
Jan 20, 2023
Last Seen
Oct 3, 2025
Jan 20
First Seen
1248d ago
Oct 3
Last Seen
260d ago
11
Reports
source reports
23%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
23%
Signal Score
23 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryCACanada
RegionMontreal, QC
ASNAS16276
OrganizationOVH Hosting, Inc.

Feed Intelligence Summary

11 reports23% confidence
11
Source reports
23%
Confidence score
Category tags
abuseaccess controlactive scanningaerospace & defenseattackauthentication failureautomotive manufacturingbotnetbrute forcebrute force attackcanadacivil servicescommand and controlcredential accesscredential harvestingcredential stuffingcyber securitydata exfiltrationdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydistributed attackselectronics manufacturingeuropeftp brute forcegovernment technologyindicatorindustrial automationindustrial iotindustrial productionioclogin attacklogin failuremalicious activitymalicious softwaremalwaremanufacturing technologymilitary operationsnational securitynetworknetwork scanningnetwork securitynextraynmapnorth americapassword attacksphishing attackport-scanprocess injectionprocess manufacturingpublic administrationpublic infrastructurepublic policyquality controlreconnaissanceregulatory agenciesresearchedscannersecurity operationssecurity policysocial engineeringssh attacksupply chain managementt1055t1059t1059.004t1071.001t1078t1078.001t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat intelligencethreat preventionudp port scanunited kingdom

Activity Timeline

1 total obs
Oct 3Oct 3

Threat Activity Heatmap

· Peak: 2025-10-03
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreLow Risk
23
SIGNAL
Signal Score
23%
Confidence
11
Reports
First seenJan 20, 2023
Last seenOct 3, 2025
GeolocationCA
CountryCanada
LocationMontreal, QC
ASNAS16276
OrgOVH Hosting, Inc.
Coords45.4995, -73.5848

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
OVH Hosting, Inc. HO-2 (NET-149-56-0-0-1) 149.56.0.0 - 149.56.255.255 OVH Hosting, Inc. OVH-VPS-149-56-140 (NET-149-56-140-0-1) 149.56.140.0 - 149.56.143.255
references
https://jamesbrine.com.au/nmap-scanning-list-2023-05-16/, https://jamesbrine.com.au

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 8 months ago
Appeared in 11 threat reports