IPMediumSignal 53/100
94.232.247.192
Location
FranceVélizy-Villacoublay, Ile-de-France
ASN
AS209847
WorkTitans B.V
First Seen
Jan 24, 2025
Last Seen
Jun 19, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
53%
Signal Score
53 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryFrance
FranceRegionVélizy-Villacoublay, Ile-de-France
ASNAS209847
OrganizationWorkTitans B.V
IP Category
⟲
Proxy
Proxy server
Feed Intelligence Summary
9 reports53% confidence
9
Source reports
53%
Confidence score
Category tags
active scanningaddressadministrative platformanonymization networksapplication layer protocolaptapt groupaustraliabankingblocknovasbotnetbrute forcebrute force attackbrute force attacksc2 infrastructurecallcode executioncommand and controlcommand executioncommercial vpncommunication protocolcompromised accountscredential accesscredential harvestingcredential stuffingcredit card servicescrucial rolecryptocurrency miningcryptocurrency theftcryptocurrency threatscryptojackingcyber espionagecybercrime infrastructure exploitationdata breachdata encryptiondata exfiltrationdata theftdistributed attacksdod reportdprkdprk itenergyenergy distributioneuropeeurope/asiaexfiltrationfamous chollimafictitious companiesfinancefinancial crimefinancial servicesfinancial technologyfrfranceftpftp brute forcehttp brute forcehttp scannerhttpsiaas abuseiissiiss reportinformation technologyinfrastructure abuseinfrastructure compromiseinitial accessinvisible ferretit infrastructureit targetingjob interview scamjob scamkorea, democratic people's republic ofkoreanlateral movementlazaruslazarus groupmalicious softwaremalicious websitemalwaremalware campaignmalware deliverymalware distributionmoldova, republic ofnetworknetwork protocolnetwork scanningnetwork securitynetwork service scanningnorth korea aptnorth korean cybercrimeoceaniaoil & gasoperation phantom circuitpassword attackspayment processingphishingphishing attackpower generationpower systemsprocess injectionprotocol exploitationproxyproxy serverproxy serversransomwarerdp serversreact frameworkreconnaissanceremote accessremote access toolsremote access trojanremote servicesrenewable energyresearchedresource hijackingrussiarussian infrastructurescanning activitysecurity operationssocial engineeringsoftware developmentsoftware exploitationssh attacksupply chainsupply chain attacksyn scant1003t1011t1016t1021t1021.001t1021.002t1027t1027.005t1040t1041t1047t1049t1053t1055t1059t1059.004t1068t1071t1071.001t1076t1077t1078t1090t1102t1105t1106t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1195t1199t1203t1204t1219t1486t1496t1499.002t1499.003t1563t1565t1566t1566.001t1566.002t1566.003t1567t1572t1573t1574t1583t1586t1588t1588.002t1589t1590t1591t1592t1595t1595.001t1595.002t1595.003t1598t1598.003telnet threatthreat intelligenceudp port scanvoid dokkaebivoiddokkaebivpn abusevpsvps serverswealth managementweb applicationweb trafficwebsite
Activity Timeline
Jun 19Jun 19
Threat Activity Heatmap
· Peak: 2026-06-19LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
53
SIGNAL
Signal Score
53%
Confidence
9
Reports
First seenJan 24, 2025
Last seenJun 19, 2026
GeolocationFR
CountryFrance
LocationVélizy-Villacoublay, Ile-de-France
ASNAS209847
OrgWorkTitans B.V
Coords48.7836, 2.1985
Proxy
VirusTotal
Not checked
WHOIS
- description
- CC=US ASN=AS7018 att services inc
- raw
- inetnum: 94.232.247.0 - 94.232.247.255 netname: STARK country: FR geofeed: https://stark-industries.solutions/geofeed.csv org: ORG-SISL18-RIPE admin-c: SICK1337-RIPE tech-c: SICK1337-RIPE status: ASSIGNED PA mnt-by: STARK-MNT created: 2024-04-08T22:48:31Z last-modified: 2024-04-08T22:48:31Z source: RIPE organisation: ORG-SISL18-RIPE org-name: STARK INDUSTRIES SOLUTIONS LTD. org-type: OTHER address: 71-75, Shelton Street address: Covent Garden address: London address: WC2H 9JQ address: UNITED KINGDOM phone: +442045770080 abuse-c: SICK1337-RIPE mnt-ref: STARK-MNT mnt-ref: MEREZHA-MNT mnt-ref: MNT-DGTL mnt-ref: LVNET-MNT mnt-ref: InterLIR-mnt mnt-ref: IPSMAIN mnt-ref: mnt-de-airbit-1 mnt-ref: lir-ae-goldip-1-MNT mnt-ref: MNT-NETERRA mnt-by: STARK-MNT created: 2022-02-11T19:47:43Z last-modified: 2024-07-25T08:31:11Z source: RIPE # Filtered role: Stark Industries Solutions NOC address: UNITED KINGDOM address: WC2H 9JQ address: London address: Covent Garden address: 71-75, Shelton Street phone: +441234416080 abuse-mailbox: [email protected] remarks: remarks: ********************************************************** remarks: * For spam/abuse/security issues please contact * remarks: * [email protected] * remarks: * The contents of your abuse email will be * remarks: * forwarded directly on to our client for * remarks: * handling. * remarks: ********************************************************** remarks: remarks: ********************************************************** remarks: * Any questions on Peering/Routing please send to * remarks: * [email protected] * remarks: ********************************************************** remarks: remarks: ********************************************************** remarks: * Any police request please send to * remarks: * [email protected] * remarks: ********************************************************** remarks: nic-hdl: SICK1337-RIPE mnt-by: STARK-MNT created: 2022-02-11T01:48:55Z last-modified: 2022-12-21T20:26:43Z source: RIPE # Filtered route: 94.232.247.0/24 origin: AS44477 mnt-by: STARK-MNT created: 2024-04-08T22:48:31Z last-modified: 2024-04-08T22:48:31Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 3 days ago
Appeared in 9 threat reports