IOC Radar
IPMediumSignal 86/100

90.84.168.147

Location
FranceFrance
Paris, Île-de-France
ASN
AS2280
FR OCB HONEY
First Seen
Mar 3, 2025
Last Seen
Jun 2, 2026
Mar 3
First Seen
465d ago
Jun 2
Last Seen
9d ago
22
Reports
source reports
86%
Confidence
medium
12/91
VirusTotal
detections
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
86%
Signal Score
86 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

2 techniques

Network Information

CountryFRFrance
RegionParis, Île-de-France
ASNAS2280
OrganizationFR OCB HONEY

Feed Intelligence Summary

22 reports86% confidence
22
Source reports
86%
Confidence score
Category tags
abuseactive scanapacheapache attackeraptattackbad reputationbad web botbotnet activitybrute forcebrute force attackerbrute-forcebruteforcecowriecredential stuffingcredential-harvestingddosddos attackdionaeaenv-huntingeuropeexploitation activityexploited hostfattfrfranceftp brute-forcehackingidentity & access exploitationindicatorinjection activityiot securityiot targetedkill-chain exploitationkill-chain reconnaissancelow-risknetworknginxopencanaryosintp0fportscanransomwareraspberry-piresearchedscannerscannerssensor-taggedservice scansocradar honeypotsql injectionsshssh attackt1110.001t1595.001tannertargeting databasetelnetthreat actortpotvultrweb app attack

Activity Timeline

1 total obs
Jun 2Jun 2

Threat Activity Heatmap

· Peak: 2026-06-02
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

This Internet Protocol (IP) address, 90.84.168.147, represents a significant and active threat that demands immediate attention. With a high threat score of 86.21 and appearances across numerous reputable threat intelligence feeds and honeypot data, it is a confirmed source of hostile network activity. Its observed behavior, including extensive port scanning and repeated brute-force login attempts, directly points to reconnaissance and initial access efforts aimed at identifying and exploiting v…

Threat ScoreHigh Risk
86
SIGNAL
Signal Score
86%
Confidence
22
Reports
First seenMar 3, 2025
Last seenJun 2, 2026
GeolocationFR
CountryFrance
LocationParis, Île-de-France
ASNAS2280
OrgFR OCB HONEY
Coords48.8575, 2.3514

VirusTotal

12/ 91vendors flagged
13% detection rateJun 3, 2026

WHOIS

description
Live malicious IPs from Raspberry Pi 5 homelab. Sources: Cowrie SSH honeypot + OpenCanary multi-protocol + Galah LLM HTTP honeypot. Updated every 30min automatically.
raw
inetnum: 90.84.168.0 - 90.84.175.255 netname: FR_OCB_HONEY descr: OBS OCB HONEY country: FR admin-c: OHEI1-RIPE tech-c: OHEI1-RIPE status: ASSIGNED PA remarks: for hacking, spamming or security problems send mail to remarks: [email protected] mnt-by: FT-BRX created: 2020-10-07T12:27:18Z last-modified: 2024-11-27T13:02:50Z source: RIPE role: OPS HONEY EGY InfraExpert1 address: OBS OCB address: 1 place des Droits de l'Homme address: 93210 La Plaine Saint-denis France phone: +201203238601 abuse-mailbox: [email protected] nic-hdl: OHEI1-RIPE mnt-by: FT-BRX created: 2016-12-19T10:05:13Z last-modified: 2025-03-11T15:38:01Z source: RIPE # Filtered route: 90.84.168.0/21 descr: FR_OCB_HONEY_2280 origin: AS2280 mnt-by: FT-BRX created: 2020-10-07T12:42:02Z last-modified: 2020-10-07T12:42:02Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 9 days ago
Appeared in 22 threat reports