2.5.4.3 Threat Intelligence and Host Information
Sep 11, 2025
General
IP Address: 2.5.4.3
Location: 🇫🇷 Dunkirk, France
Network: AS3215
Threat Score: 75/100
Attack Intelligence
MITRE ATT&CK Techniques
T1001.001 - Junk Data, T1001.002 - Steganography, T1001.003 - Protocol Impersonation, T1003.001 - LSASS Memory, T1003.004 - LSA Secrets, T1003.005 - Cached Domain Credentials, T1003 - OS Credential Dumping, T1005 - Data from Local System, T1007 - System Service Discovery, T1010 - Application Window Discovery, T1012 - Query Registry, T1016 - System Network Configuration Discovery, T1018 - Remote System Discovery, T1021.006 - Windows Remote Management, T1021 - Remote Services, T1025 - Data from Removable Media, T1026 - Multiband Communication, T1027 - Obfuscated Files or Information, T1029 - Scheduled Transfer, T1031 - Modify Existing Service, T1033 - System Owner/User Discovery, T1036.004 - Masquerade Task or Service, T1036 - Masquerading, T1040 - Network Sniffing, T1041 - Exfiltration Over C2 Channel, T1045 - Software Packing, T1049 - System Network Connections Discovery, T1053 - Scheduled Task/Job, T1055.002 - Portable Executable Injection, T1055 - Process Injection, T1056 - Input Capture, T1057 - Process Discovery, T1059 - Command and Scripting Interpreter, T1060 - Registry Run Keys / Startup Folder, T1063 - Security Software Discovery, T1068 - Exploitation for Privilege Escalation, T1070 - Indicator Removal on Host, T1071.002 - File Transfer Protocols, T1071.004 - DNS, T1071 - Application Layer Protocol, T1074 - Data Staged, T1082 - System Information Discovery, T1083 - File and Directory Discovery, T1087 - Account Discovery, T1090 - Proxy, T1095 - Non-Application Layer Protocol, T1096 - NTFS File Attributes, T1102 - Web Service, T1105 - Ingress Tool Transfer, T1106 - Native API, T1112 - Modify Registry, T1113 - Screen Capture, T1115 - Clipboard Data, T1119 - Automated Collection, T1122 - Component Object Model Hijacking, T1124 - System Time Discovery, T1129 - Shared Modules, T1132 - Data Encoding, T1134 - Access Token Manipulation, T1140 - Deobfuscate/Decode Files or Information, T1143 - Hidden Window, T1189 - Drive-by Compromise, T1203 - Exploitation for 
Client Execution, T1204 - User Execution, T1210 - Exploitation of Remote Services, T1213 - Data from Information Repositories, T1217 - Browser Bookmark Discovery, T1222 - File and Directory Permissions Modification, T1404 - Exploit OS Vulnerability, T1415 - URL Scheme Hijacking, T1445 - Abuse of iOS Enterprise App Signing Key, T1449 - Exploit SS7 to Redirect Phone Calls/SMS, T1480 - Execution Guardrails, T1485 - Data Destruction, T1486 - Data Encrypted for Impact, T1489 - Service Stop, T1491 - Defacement, T1496 - Resource Hijacking, T1497 - Virtualization/Sandbox Evasion, T1518 - Software Discovery, T1543 - Create or Modify System Process, T1546 - Event Triggered Execution, T1547 - Boot or Logon Autostart Execution, T1548 - Abuse Elevation Control Mechanism, T1552 - Unsecured Credentials, T1553 - Subvert Trust Controls, T1555 - Credentials from Password Stores, T1559 - Inter-Process Communication, T1560 - Archive Collected Data, T1562.004 - Disable or Modify System Firewall, T1562 - Impair Defenses, T1564 - Hide Artifacts, T1565 - Data Manipulation, T1566 - Phishing, T1569 - System Services, T1573 - Encrypted Channel, T1574 - Hijack Execution Flow, T1598 - Phishing for Information, T1614 - System Location Discovery, TA0001 - Initial Access, TA0002 - Execution, TA0003 - Persistence, TA0004 - Privilege Escalation, TA0005 - Defense Evasion, TA0006 - Credential Access, TA0007 - Discovery, TA0008 - Lateral Movement, TA0009 - Collection, TA0010 - Exfiltration, TA0011 - Command and Control, TA0034 - Impact, TA0040 - Impact
Geographic Location
Country: France
City: Dunkirk
Region: Hauts-de-France
Coordinates: 51.0336, 2.3743
Network Information
ASN: AS3215
Organization: Orange
Network: AS3215 Orange
WHOIS Information
inetnum: 2.3.0.0 - 2.15.255.255
netname: FR-TELECOM-20100712
country: FR
org: ORG-FT2-RIPE
admin-c: BRX1-RIPE
tech-c: ML2808-RIPE
status: ALLOCATED PA
mnt-by: FT-BRX
mnt-lower: FT-BRX
mnt-routes: RAIN-TRANSPAC
mnt-domains: FT-BRX
created: 2012-11-22T09:32:07Z
last-modified: 2012-11-22T09:32:07Z

organisation: ORG-FT2-RIPE
org-name: Orange S.A.
org-type: LIR
address: Orange/OF/DTSI/DTR/RSB/DIP/ICC
phone: +33
mnt-ref: RIPE-NCC-HM-MNT
abuse-c: BRX1-RIPE

person: Philippe Gheeraert
nic-hdl: PG5119-RIPE

route: 2.5.0.0/16
descr: France Telecom Orange
- Country: France
- Network:
- Noticed: 17 times
- Protocols Attacked: Anonymous Proxy
- Countries Attacked: Bahrain, Brazil, Canada, Chile, China, Germany, India, Ireland, Israel, Singapore, Switzerland, United States of America
Malware Detected on Host
Count: 1
4cc37e6a731d69a203b9b0c0c31f521886ad28c4e9392e77869b508cfe36a2ea
Disclaimer
This page contains threat intelligence information for the IPv4 address 2.5.4.3. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.