IPMediumSignal 63/100

`216.239.90.19`

Location

Canada

Montreal, Quebec

ASN

AS10996

VIF Internet

First Seen

Aug 26, 2020

Last Seen

Jun 10, 2026

Aug 26

First Seen

2114d ago

Jun 10

Last Seen

today

Reports

source reports

63%

Confidence

medium

6/91

VirusTotal

detections

Found in 43 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

63%

Signal Score

63 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

61 techniques

Network Information

Country

Canada

RegionMontreal, Quebec

ASNAS10996

OrganizationVIF Internet

IP Category

⟲

Proxy

Proxy server

⊕

VPN

VPN exit node

Feed Intelligence Summary

43 reports63% confidence

Source reports

63%

Confidence score

Category tags

access controlactive scanactive scanningaerospace & defenseanonymity serviceanonymization networkanonymization network trafficanonymization networksanonymization servicesanonymization_network_originanonymization_service_trafficanonymous proxiesanonymous proxy networkanonymous_proxyapplication layer protocolattackattack infrastructureattack-vector:brute-forceattack-vector:port-scanauthenticationauthentication attemptsauthentication failureautomated network attacksautomated_attackautomotive manufacturingbad web botbelgiumblock-or-filter-listbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute-forcebrute_forcebrute_force_attackc2cacanadacivil servicescommand & controlcommand and controlcommunication protocolcompromised hostcowrie honeypotcredential accesscredential attackcredential harvestingcredential stuffingcredential_accesscredential_attackcredential_guessingcredential_stuffingdarkforumsdata encryptiondata exfiltrationdata store exposureddosddos attackdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedenial-of-servicedetected botnet activitydistributed attacksdos-ddoselectronics manufacturingencryptionenumerationenumeration activityeuropeevent-type:credential-accessevent-type:initial-accessevent-type:reconnaissanceexit-relayexploitation activityexploited hostexternal threatfailed loginfailed login attemptsfeed-osintfireholfleet managementfreight servicesftpftp brute forceftp_attemptsftp_brute_forcegovernment technologyhackinghttp brute forcehttp scannerhttp scanninghttp/shttp_httpshttpshttps scanningi2p networkidentity & access exploitationindicatorsindicators of compromiseindicators_of_compromiseindustrial automationindustrial iotindustrial productioninformation technologyinitial accessinitial_accessinitial_access_attemptinjection activityintrusion detectioniociot securityit infrastructurekillnetlateral movementloginlogin attemptmalicious activitymalicious softwaremalicious_activitymalicious_ip_activitymalwaremalware distributionmanufacturing technologymaritime transportmilitary operationsnational securitynetworknetwork attacksnetwork communicationnetwork enumerationnetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnetwork_attacknetwork_enumerationnetwork_indicatorsnetwork_reconnaissancenextraynorth americapassenger transportationpassword attackpassword attacksphishingphishing attackpossible credential stuffingpotential botnet activitypotential threat actorprocess injectionprocess manufacturingprotocol exploitationprotocol scanningprotocol:ftpprotocol:httpprotocol:httpsprotocol:rdpprotocol:smtpprotocol:sshprotocol:telnetprotocol_scanningproxyproxy ipsproxy networkproxy serverproxy serverspublic administrationpublic infrastructurepublic policyquality controlrail transportransomwarerdp_attemptsrdp_brute_forcereconnaissancereconnaissance activityregulatory agenciesremote accessremote servicesresearchedscannerscanning activitysecurity operationssecurity policysecurity_eventservice discoveryservice enumerationservice scanservice scanningsftp attacksftp exploitation attemptssmtpsocial engineeringsoftware developmentspamspamhaussshssh attackssh monitoringssh_attemptsssh_brute_forcesupply chain attacksupply chain managementsuspected malicious activitysyn scant1016t1018t1021t1021.001t1021.002t1021.004t1040t1041t1046t1053t1055t1056t1059t1071t1071.001t1076t1077t1078t1083t1090t1090 - proxyt1090 proxyt1090.002t1090.003t1105t1110t1110 brute forcet1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1498t1499.001t1499.002t1499.003t1563t1564.003t1565t1566t1566.001t1566.002t1566.003t1571t1573t1583t1583.001t1588t1588.002t1589t1589.001t1589.002t1590t1590.001t1590.005t1592t1595t1595 active scanningt1595.001t1595.002t1595.003tcp protocoltcp scantcp scanningtelnet threattelnet_attemptsthreat actorthreat actor: killnetthreat infrastructurethreat intelligencethreat preventionthreat-actor:unattributedthreat_activitythreat_actor_activitythreat_indicatorthreat_intelligencethreat_intelligence_feedtortor networktor network activitytor nodetor-exit-nodestor-guard-nodestor_exit_nodetransportation and warehousingtransportation infrastructuretransportation technologytsectype osintudp scanunattributed_threat_activityunauthorized accessunauthorized access attemptunauthorized access attemptsunidentified threat actorunknown threat actorvpnvpn networkvpn servicevpn trafficvulnerability scanweb app attackweb application attackweb exploitationweb spamweb traffic

Activity Timeline

1 total obs

Jun 10Jun 10

Threat Activity Heatmap

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

Minimal

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

63%

Confidence

Reports

First seenAug 26, 2020

Last seenJun 10, 2026

GeolocationCA

CountryCanada

LocationMontreal, Quebec

ASNAS10996

OrgVIF Internet

Coords45.5020, -73.5586

ProxyVPN

VirusTotal

6/ 91vendors flagged

7% detection rateJun 11, 2026

WHOIS

description: Anonymization_Network indicators. Date: Apr 8, 2026. Part 1/5. For more threat intelligence visit https://ltna.com.au/cyber
raw: NetRange: 216.239.64.0 - 216.239.95.255 CIDR: 216.239.64.0/19 NetName: VIF-BLK-1 NetHandle: NET-216-239-64-0-1 Parent: NET216 (NET-216-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: VIF Internet (VIF) RegDate: 2000-11-22 Updated: 2012-03-02 Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE Ref: https://rdap.arin.net/registry/ip/216.239.64.0 OrgName: VIF Internet OrgId: VIF Address: 2075 Bl Robert Bourassa #400 City: Montreal StateProv: QC PostalCode: H3A 2L1 Country: CA RegDate: 2000-01-14 Updated: 2024-11-25 Ref: https://rdap.arin.net/registry/entity/VIF OrgTechHandle: TA179-ARIN OrgTechName: Al-Dik, Talal OrgTechPhone: +1-514-353-9988 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/TA179-ARIN OrgAbuseHandle: TA179-ARIN OrgAbuseName: Al-Dik, Talal OrgAbusePhone: +1-514-353-9988 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/TA179-ARIN RTechHandle: TA179-ARIN RTechName: Al-Dik, Talal RTechPhone: +1-514-353-9988 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/TA179-ARIN

`216.239.90.19`

MITRE ATT&CK TTPs

Network Information

IP Category

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy