IPMediumSignal 77/100
92.154.31.189
Location
FranceFontcouverte-la Toussuire, Île-de-France
ASN
AS3215
Orange
First Seen
Jun 14, 2025
Last Seen
Apr 7, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
77%
Signal Score
77 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryFrance
FranceRegionFontcouverte-la Toussuire, Île-de-France
ASNAS3215
OrganizationOrange
Feed Intelligence Summary
10 reports77% confidence
10
Source reports
77%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningattackbad reputationbotnetbotnet activitybrute forcebrute force attackcommand and controlcommunication protocolcompromised credentials attemptcowrie honeypotcredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attacksdecoy systemdionaea honeypotdistributed attacksenumerationeuropeexploitationexploitation activityfailed login attemptsfrancehoneytrap honeypotidentity & access exploitationindicatorinjection activityinternet of thingsintrusion detectioniot botnetiot securityiot/ics attacklamplamp exploitation attemptmalicious activitymalicious payload attemptmalicious softwaremalwaremalware behaviourmalware capturemirai botnetnetworknetwork attacksnetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitynetwork service scanningpassword attackspassword sprayingpotential malware uploadprocess injectionprotocol exploitationransomwarereconnaissanceremote accessresearchedscanscannersecurity policyservice scansftp attackshellsocradar honeypotssh attackssh monitoringt1016t1021t1021.002t1021.004t1040t1041t1046t1047t1055t1059t1059.004t1068t1071.001t1078t1078.001t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor node
Activity Timeline
Apr 7Apr 7
Threat Activity Heatmap
· Peak: 2026-04-07LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
77
SIGNAL
Signal Score
77%
Confidence
10
Reports
First seenJun 14, 2025
Last seenApr 7, 2026
GeolocationFR
CountryFrance
LocationFontcouverte-la Toussuire, Île-de-France
ASNAS3215
OrgOrange
Coords48.8323, 2.4075
VirusTotal
Not checked
WHOIS
- description
- dionaea, heralding, malicious, ssh, sftp, cowrie, LAMP, honeytrap
- raw
- inetnum: 92.154.31.0 - 92.154.31.255 netname: IP2000-ADSL-BAS descr: LNPUT658 Puteaux country: FR admin-c: WITR1-RIPE tech-c: WITR1-RIPE status: ASSIGNED PA remarks: for hacking, spamming or security problems send mail to remarks: [email protected] mnt-by: FT-BRX created: 2016-07-08T13:59:47Z last-modified: 2022-05-17T07:29:19Z source: RIPE role: Wanadoo France Technical Role address: FRANCE TELECOM/SCR address: 48 rue Camille Desmoulins address: 92791 ISSY LES MOULINEAUX CEDEX 9 address: FR phone: +33 1 58 88 50 00 abuse-mailbox: [email protected] admin-c: BRX1-RIPE tech-c: BRX1-RIPE nic-hdl: WITR1-RIPE mnt-by: FT-BRX created: 2001-12-04T17:57:08Z last-modified: 2013-07-16T14:09:50Z source: RIPE # Filtered route: 92.154.0.0/17 descr: France Telecom Orange origin: AS3215 mnt-by: RAIN-TRANSPAC mnt-by: FT-BRX created: 2012-11-22T09:05:56Z last-modified: 2012-11-22T09:05:56Z source: RIPE
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 2 months ago
Appeared in 10 threat reports