IP · Medium · Signal 25/100
54.36.148.97
Location
Roubaix, Hauts-de-France
ASN
AS16276
OVH
First Seen
Sep 14, 2020
Last Seen
Apr 7, 2026
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
25%
Signal Score
25 / 100
IDS Rule
No
Network Information
Country
France
Region: Roubaix, Hauts-de-France
ASN: AS16276
Organization: OVH
Feed Intelligence Summary
13 reports · 25% confidence
Category tags
abuse, access, accommodation and food services, accommodation services, active scan, active scanning, adbhoney honeypot, ahrefs-benign, attack, bad reputation, bad web bot, bening, bening scanner, botnet, botnet activity, brute force, brute force attack, cisco device, command and control, communication protocol, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, ddos, decoy system, denial of service, device management, dionaea honeypot, distributed attacks, email, enterprise networking, europe, exploitation activity, food services, france, ftp brute force, github, groups, guest services, hacking, honeytrap honeypot, hospitality technology, hotels, identity & access exploitation, indicator, injection activity, lamp, lateral movement, license, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, network, network enumeration, network infrastructure, network scanning, network security, password attacks, phishing, phishing attack, phishing trap, potential malicious activity, process injection, python, reconnaissance, researched, resource hijacking, restaurant operations, scanner, script, sentrypeer botnet, service enumeration, sftp, sftp attack, slug, smtp brute force, social engineering, sql inyection, ssh, ssh attack, ssh monitoring, surface web, t1021, t1021.004, t1040, t1041, t1055, t1059, t1059.004, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tanner, telecommunications, threat actor, threat detection, threat intelligence, tor node, tourism, unauthorized access attempts, unidentified attacker, verified-benign, voip, voip attack, web application attack, web exploitation
Activity Timeline
Threat Activity Heatmap (peak: 2026-04-07)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 25
Confidence: 25%
Reports: 13
First seen: Sep 14, 2020
Last seen: Apr 7, 2026
Geolocation: FR
Country: France
Location: Roubaix, Hauts-de-France
ASN: AS16276
Org: OVH
Coords: 48.8582, 2.3387
VirusTotal
Not checked
WHOIS
- description
- Unknown source type: h0neytr4p
- raw
- inetnum: 54.36.148.0 - 54.36.151.255
  netname: OVH-DEDICATED-FO
  country: FR
  descr: Failover IPs
  org: ORG-OS3-RIPE
  admin-c: OTC2-RIPE
  tech-c: OTC2-RIPE
  status: LEGACY
  mnt-by: OVH-MNT
  created: 2017-09-21T07:52:45Z
  last-modified: 2017-09-21T07:52:45Z
  source: RIPE
  organisation: ORG-OS3-RIPE
  org-name: OVH SAS
  country: FR
  org-type: LIR
  address: 2 rue Kellermann
  address: 59100
  address: Roubaix
  address: FRANCE
  phone: +33972101007
  admin-c: OTC2-RIPE
  admin-c: OK217-RIPE
  admin-c: GM84-RIPE
  abuse-c: AR15333-RIPE
  mnt-ref: OVH-MNT
  mnt-ref: RIPE-NCC-HM-MNT
  mnt-by: RIPE-NCC-HM-MNT
  mnt-by: OVH-MNT
  created: 2004-04-17T11:23:17Z
  last-modified: 2020-12-16T10:24:51Z
  source: RIPE # Filtered
  role: OVH Technical Contact
  address: OVH SAS
  address: 2 rue Kellermann
  address: 59100 Roubaix
  address: France
  admin-c: OK217-RIPE
  tech-c: GM84-RIPE
  tech-c: SL10162-RIPE
  nic-hdl: OTC2-RIPE
  abuse-mailbox: [email protected]
  mnt-by: OVH-MNT
  created: 2004-01-28T17:42:29Z
  last-modified: 2014-09-05T10:47:15Z
  source: RIPE # Filtered
  route: 54.36.0.0/16
  origin: AS16276
  mnt-by: OVH-MNT
  created: 2017-10-06T07:57:47Z
  last-modified: 2017-10-06T07:57:47Z
  source: RIPE
- references
- https://github.com/telekom-security/tpotce, counter.txt
IOC Journey
medium · First detected 5 years ago · Last seen 2 months ago
Appeared in 13 threat reports