IPMediumSignal 66/100

`146.70.192.174`

Location

Singapore

Singapore, Unknown

ASN

AS9009

M247 Ltd Singapore

First Seen

Jul 2, 2023

Last Seen

May 31, 2026

Jul 2

First Seen

1078d ago

May 31

Last Seen

15d ago

Reports

source reports

66%

Confidence

medium

Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

66%

Signal Score

66 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

49 techniques

Network Information

Country

Singapore

RegionSingapore, Unknown

ASNAS9009

OrganizationM247 Ltd Singapore

IP Category

⊕

VPN

VPN exit node

Feed Intelligence Summary

22 reports66% confidence

Source reports

66%

Confidence score

Category tags

abuseaccess controlactive scanactive scanningapacheapache attackerasiaatif feedattackbackdoorbad reputationbad web botbanlist feedbinary defensebotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute-forcebrute_forcec2 communicationcommand & controlcommand and controlcommand injectioncompromised hostcredential accesscredential harvestingcredential stuffingcredential_accessctadata exfiltrationdata store exposuredatabase securityddosdenial of servicedistributed attackseuropeexfiltrationexploitation activityexploited hostfinlandfranceftpftp brute forcegermanyglobalprotecthackinghoneynet connecthttp brute forceidentity & access exploitationinformation technologyinfrastructure acquisitionreconnaissanceinjection activityinjection attacksiociocsit infrastructurelateral movementlevellogin attemptmalicious activitymalicious softwaremalwaremalware distributionmanualnetworknetwork enumerationnetwork intrusionnetwork intrusion attemptsnetwork scanningnetwork securitynetwork traffic analysisnetwork_reconnaissancenorth americapalo altopanospassword attackpassword attacksphishingphishing attackpolandpossible botnet activityprobeprocess injectionprotocol exploitationproxypythonpython scriptransomwarereconnaissanceremote accessremote servicesresearchedromaniartbhscannerscanning activitysecurity policysgsingaporesmb brute forcesmtp brute forcesocial engineeringsoftware developmentspamsshssh attackt1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1027t1040t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1573t1573.001t1587.001t1590.001t1592t1595t1595.001t1595.002t1595.003tannertcp scantelnet threatthreat actorthreat preventiontor nodeudp scanunauthorized access attemptunited statesupstylevpnvulnerabilityvulnerability scanweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs

May 31May 31

Threat Activity Heatmap

· Peak: 2026-05-31

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

66%

Confidence

Reports

First seenJul 2, 2023

Last seenMay 31, 2026

GeolocationSG

CountrySingapore

LocationSingapore, Unknown

ASNAS9009

OrgM247 Ltd Singapore

Coords1.2965, 103.7910

VPN

VirusTotal

Not checked

WHOIS

description: 2024-11-13T13:50:11.437Z Honeypot : Tanner : Source: 146.70.192.174 : Port: 80 Post Data: {'response': {'message': {'sess_uuid': 'b02ce930-8df9-42ae-9a07-5fd5f1a7f9ab', 'detection': {'type': 1, 'version': '0.6.0', 'name': 'index', 'order': 1}}}, 'version': '0.6.0'}
raw: inetnum: 146.0.0.0 - 146.255.255.255 netname: ERX-NETBLOCK descr: Early registration addresses country: AU admin-c: IANA1-AP tech-c: IANA1-AP abuse-c: AA1452-AP status: ALLOCATED PORTABLE remarks: ------------------------------------------------------ remarks: Important: remarks: remarks: Networks in this range were allocated by InterNIC remarks: prior to the formation of Regional Internet remarks: Registries (RIRs): AfriNIC, APNIC, ARIN, LACNIC and RIPE NCC. remarks: remarks: Address ranges from this historical space have now remarks: been transferred to the appropriate RIR database.remarks: remarks: If your search has returned this record, it means the remarks: address range is not administered by APNIC. remarks: remarks: Instead, please search one of the following databases: remarks: remarks: - AfriNIC (Africa) remarks: website: http://www.afrinic.net/ remarks: command line: whois.afrinic.net remarks: remarks: - ARIN (Northern America) remarks: website: http://www.arin.net/ remarks: command line: whois.arin.net remarks: remarks: - LACNIC (Latin America and the Carribean) remarks: website: http://www.lacnic.net/ remarks: command line: whois.lacnic.net remarks: remarks: - RIPE NCC (Europe) remarks: website: http://www.ripe.net/ remarks: command line: whois.ripe.net remarks: remarks: For information on the Early Registration Transfer remarks: (ERX) project, see: remarks: remarks: http://www.apnic.net/db/erx remarks: remarks: ------------------------------------------------------ mnt-by: APNIC-HM mnt-lower: APNIC-HM mnt-irt: IRT-APNIC-AP last-modified: 2022-09-16T01:40:59Z source: APNIC irt: IRT-APNIC-AP address: Brisbane, Australia e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HM20-AP tech-c: NO4-AP auth: # Filtered remarks: APNIC is a Regional Internet Registry. remarks: We do not operate the referring network and remarks: are unable to investigate complaints of network abuse. remarks: For information about IRT, see www.apnic.net/irt remarks: [email protected] was validated on 2020-02-03 mnt-by: APNIC-HM last-modified: 2023-08-18T00:42:38Z source: APNIC role: ABUSE APNICAP address: Brisbane, Australia country: ZZ phone: +000000000 e-mail: [email protected] admin-c: HM20-AP tech-c: NO4-AP nic-hdl: AA1452-AP remarks: Generated from irt object IRT-APNIC-AP remarks: [email protected] was validated on 2020-02-03 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2023-08-18T19:08:30Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
references: https://unit42.paloaltonetworks.com/cve-2024-3400/, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://list.rtbh.com.tr/output.txt, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt, https://github.com/telekom-security/tpotce

`146.70.192.174`

MITRE ATT&CK TTPs

Network Information

IP Category

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy