IOC Radar
IP · Medium · Signal 52/100

208.115.228.234

Location
United States
Portland, Oregon
ASN
AS46475
Limestone Networks
First Seen
May 23, 2025 (399d ago)
Last Seen
Jun 5, 2026 (21d ago)
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
52%
Signal Score
52 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

15 techniques

Network Information

Country: US (United States)
Region: Portland, Oregon
ASN: AS46475
Organization: Limestone Networks

IP Category

VPN
VPN exit node

Feed Intelligence Summary

Source reports: 9
Confidence score: 52%
Category tags
abuse, anydesk, bad reputation, blacklisted ip, botnet, botnet activity, c2 traffic, chrome, command & control, command and control, compromised hosts, coolex, darkforums, data exfiltration, data store exposure, distributed attacks, europe, exploitation activity, future, github, golangghost, http post, hunt, infected system, information technology, ingress tool transfer, injection activity, insikt group, it infrastructure, lazagne, malicious download, malicious software, malware, malware distribution, network, network intrusion, north america, odessa, operating system, phishing, process injection, proxy, purplebravo, pylangghost, python, ransomware, rats, researched, software development, spam, t1005, t1021.001, t1055, t1069.001, t1071, t1071.001, t1078, t1105, t1486, t1496, t1499.002, t1499.003, t1565, t1566, t1573, threat actor, tor node, ukraine, united states, us, vpn, windows

Activity Timeline

1 total observation
Jun 5

Threat Activity Heatmap

Peak: 2026-06-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 52
Confidence: 52%
Reports: 9
First seen: May 23, 2025
Last seen: Jun 5, 2026
Geolocation: US
Country: United States
Location: Portland, Oregon
ASN: AS46475
Org: Limestone Networks
Coords: 37.7510, -97.8220
VPN

VirusTotal

Not checked

WHOIS

raw
NetRange: 208.115.192.0 - 208.115.255.255
CIDR: 208.115.192.0/18
NetName: LIMESTONE-NETWORKS
NetHandle: NET-208-115-192-0-1
Parent: NET208 (NET-208-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Limestone Networks, Inc. (LIMES-2)
RegDate: 2010-01-06
Updated: 2024-01-08
Comment: https://www.limestonenetworks.com/
Comment: Geofeed https://geofeed.limestonenetworks.com/geofeed.csv
Ref: https://rdap.arin.net/registry/ip/208.115.192.0

OrgName: Limestone Networks, Inc.
OrgId: LIMES-2
Address: 400 S. Akard Street
Address: Suite 200
City: Dallas
StateProv: TX
PostalCode: 75202
Country: US
RegDate: 2007-12-04
Updated: 2024-11-25
Comment: http://limestonenetworks.com/
Ref: https://rdap.arin.net/registry/entity/LIMES-2

ReferralServer: rwhois://rwhois.limestonenetworks.com:4321

OrgAbuseHandle: ABUSE1804-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-242-3600
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1804-ARIN

OrgTechHandle: NOC2791-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-214-242-3600
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/NOC2791-ARIN

RNOCHandle: NOC2791-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-214-242-3600
RNOCEmail: [email protected]
RNOCRef: https://rdap.arin.net/registry/entity/NOC2791-ARIN

RAbuseHandle: ABUSE1804-ARIN
RAbuseName: Abuse
RAbusePhone: +1-214-242-3600
RAbuseEmail: [email protected]
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE1804-ARIN

RTechHandle: NOC2791-ARIN
RTechName: Network Operations Center
RTechPhone: +1-214-242-3600
RTechEmail: [email protected]
RTechRef: https://rdap.arin.net/registry/entity/NOC2791-ARIN
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
https://www.recordedfuture.com/research/purplebravos-targeting-it-software-supply-chain

IOC Journey

medium
First detected 1 year ago · Last seen 21 days ago
Appeared in 9 threat reports