IOC Radar
IP · Medium · Signal 29/100

23.146.241.5

Location: Clarks Green, Pennsylvania, United States
ASN: AS46664 (VolumeDrive)
First Seen: Mar 24, 2025 (446d ago)
Last Seen: Mar 31, 2026 (74d ago)
Reports: 11 source reports
Confidence: 29% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: IPv4 Address (network layer indicator observed in threat reports)
MISP Category: Network Activity
Confidence: 29%
Signal Score: 29 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

37 techniques

Network Information

Country: US (United States)
Region: Clarks Green, Pennsylvania
ASN: AS46664
Organization: VolumeDrive

Feed Intelligence Summary

Source reports: 11
Confidence score: 29%
Category tags: abuse, active scan, active scanning, attack, australia, bad reputation, botnet, botnet activity, brute force, brute force attack, command and control, communication protocol, cowrie honeypot, cowrie ssh attacks, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, decoy system, dionaea honeypot, distributed attacks, exploitation activity, ftp brute force, hacking, identity & access exploitation, indicator, injection activity, ipphoney honeypot, ipv4, mailoney honeypot, malicious activity, malicious login attempts, malicious software, malware, malware behaviour, malware capture, network, network intrusion attempt, network intrusion attempts, network probing, network reconnaissance, network scanning, network security, network service scanning, north america, oceania, password attacks, phishing, phishing attack, phishing trap, possible malicious activity, potential malware propagation, process injection, reconnaissance, researched, resource hijacking, scan, scanner, sentrypeer botnet, sentrypeer data, service scan, sftp attack, sip attacks, sip brute force, sip scanning, social engineering, ssh attack, ssh monitoring, t1021, t1021.001, t1021.002, t1021.004, t1021.006, t1040, t1041, t1046, t1055, t1059, t1059.004, t1059.005, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1589, t1589.002, t1595, t1595.001, t1595.002, t1595.003, tanner, telecommunications, threat actor, threat intelligence, tor node, unauthorized access, unauthorized access attempts, unauthorized login attempts, united states, voip, voip attack

Activity Timeline

1 total observation (Mar 31)

Threat Activity Heatmap

Peak: 2026-03-31
[Heatmap: daily activity by weekday, June through June]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 29
Confidence: 29%
Reports: 11
First seen: Mar 24, 2025
Last seen: Mar 31, 2026
Geolocation: US
Country: United States
Location: Clarks Green, Pennsylvania
ASN: AS46664
Org: VolumeDrive
Coords: 37.7510, -97.8220

VirusTotal

Not checked

WHOIS

description
2025-04-18T21:42:32.223Z Honeypot : Sentrypeer : Source: 23.146.241.5 Port: 5060 Data:
OPTIONS sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 192.168.56.1:5149;branch=z9hG4bK-774112376;rport
From: "sipvicious" <sip:[email protected]>;tag=3633313231613132313363340131303732333836393531
To: "sipvicious" <sip:[email protected]>
Call-ID: 597445787733836555087742
CSeq: 1 OPTIONS
Contact: <sip:[email protected]:5149>
Accept: application/sdp
Max-forwards: 70
User-agent: friendly-scanner
Content-Length: 0

raw
NetRange: 23.146.241.0 - 23.146.241.255
CIDR: 23.146.241.0/24
NetName: VDI-NET
NetHandle: NET-23-146-241-0-1
Parent: NET23 (NET-23-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: VolumeDrive (VOLUM-2)
RegDate: 2020-09-01
Updated: 2020-09-01
Ref: https://rdap.arin.net/registry/ip/23.146.241.0

OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2018-08-08
Ref: https://rdap.arin.net/registry/entity/VOLUM-2

OrgAbuseHandle: VDIPO-ARIN
OrgAbuseName: VDI POC
OrgAbusePhone: +1-800-431-6960
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/VDIPO-ARIN

OrgTechHandle: VDIPO-ARIN
OrgTechName: VDI POC
OrgTechPhone: +1-800-431-6960
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/VDIPO-ARIN

references
https://redpiranha.net
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 11 threat reports