IOC Radar
IPMediumSignal 44/100

146.88.241.174

Location
United StatesUnited States
Dallas, Texas
ASN
AS20052
Arbor Networks, Inc.
First Seen
Jul 4, 2023
Last Seen
Jun 4, 2026
Jul 4
First Seen
1078d ago
Jun 4
Last Seen
13d ago
18
Reports
source reports
44%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Network Information

CountryUSUnited States
RegionDallas, Texas
ASNAS20052
OrganizationArbor Networks, Inc.

Feed Intelligence Summary

18 reports44% confidence
18
Source reports
44%
Confidence score
Category tags
abuseactive scanactive scanningadbhoney activityadbhoney honeypotaptattackaustraliabad reputationbeningbening scannerbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptsbrute-forcec2 communicationciscocisco devicecisco exploitation attemptcisco exploitation attemptscommand & controlcommand and controlcommunication protocolcompromised hostconpotconpot activityconpot honeypotcowriecowrie activitycowrie honeypotcowrie interactionscredential accesscredential stuffingdata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdecoy systemdenial of servicedevice managementdionaeadionaea activitydionaea honeypotdionaea interactionsdionaea payloadsdistributed attacksenterprise networkingenumerationexploitexploitation activityexploited hostfattfatt detectionsfatt signaturesftpftp brute forcehackinghoneytrap eventshoneytrap honeypothoneytrap interactionshttp brute forcehttp probinghttp scannericmpics securityidentity & access exploitationinbound scanindicatorindustrial control systemsinitial accessinjection activityiot securityiot/ics attackipv4kfsensor honeypotlamplamp exploitationlamp stack attackmailoney eventsmailoney honeypotmailoney interactionsmalicious activitymalicious softwaremalicious trafficmalwaremalware analysismalware behaviourmalware capturemalware distributionmanualnetscout_tiisi-benignnetworknetwork attacksnetwork discoverynetwork infrastructurenetwork intrusion attemptsnetwork intrusion detectionnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnorth americaoceaniaopenctip0fp0f signaturespassword attacksphishingphishing attackphishing trappossible reconnaissancepotential intrusionprocess injectionprotocol exploitationransomwarerdpreconnaissanceredis honeypotremote accessremote servicesresearchedresource hijackingscanscannersensor-taggedsentrypeer activitysentrypeer botnetsentrypeer eventssentrypeer interactionsservice detectionservice scansftpsftp activitysftp attacksipsip scanningsmtpsmtp probingsmtp scanningsshssh attackssh monitoringssh scanningsuricata alertst1005t1016t1018t1020t1021t1021.001t1040t1041t1046t1053t1055t1059t1068t1071t1071.001t1076t1078t1083t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1189t1190t1203t1486t1496t1499.001t1499.002t1499.003t1555t1563t1565t1573t1573.001t1583t1589t1595t1595.001t1595.002t1595.003tannertanner eventstanner interactionstargeting databasetcp protocoltelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpottsecunited statesunknown groupusverified-benignvoipvoip attackvulnerability scanweb application attackweb exploitationweb traffic

Activity Timeline

1 total obs
Jun 4Jun 4

Threat Activity Heatmap

· Peak: 2026-06-04
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
18
Reports
First seenJul 4, 2023
Last seenJun 4, 2026
GeolocationUS
CountryUnited States
LocationDallas, Texas
ASNAS20052
OrgArbor Networks, Inc.
Coords37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
Observed making inbound scans on 2026-06-02 18:55:05
raw
NetRange: 146.88.240.0 - 146.88.255.255 CIDR: 146.88.240.0/20 NetName: ARBORN NetHandle: NET-146-88-240-0-1 Parent: NET146 (NET-146-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Arbor Networks, Inc. (ARBORN) RegDate: 2016-10-27 Updated: 2023-10-24 Comment: NETSCOUT | Arbor Networks Research Scanner Comment: Comment: https://www.internet-albedo.net/ Ref: https://rdap.arin.net/registry/ip/146.88.240.0 OrgName: Arbor Networks, Inc. OrgId: ARBORN Address: 2727 S. State St. Address: Suite 200 City: Ann Arbor StateProv: MI PostalCode: 48104 Country: US RegDate: 2001-01-24 Updated: 2011-09-24 Ref: https://rdap.arin.net/registry/entity/ARBORN OrgAbuseHandle: HOSTM187-ARIN OrgAbuseName: hostmaster OrgAbusePhone: +1-734-327-0000 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/HOSTM187-ARIN OrgTechHandle: HOSTM187-ARIN OrgTechName: hostmaster OrgTechPhone: +1-734-327-0000 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/HOSTM187-ARIN RAbuseHandle: ASERT-ARIN RAbuseName: ASERT Abuse RAbusePhone: +1-734-327-0000 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ASERT-ARIN
references
https://redpiranha.net, https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 13 days ago
Appeared in 18 threat reports