IOC Radar
IP · Medium · Signal 47/100

73.97.114.149

Location
United States
Auburn, WA
ASN
AS7922
Comcast IP Services, L.L.C.
First Seen
Sep 24, 2024 (628d ago)
Last Seen
Jun 2, 2026 (12d ago)
Reports
23 source reports
Confidence
47% (medium)
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

33 techniques

Feed Intelligence Summary

23 source reports · 47% confidence score
Category tags
abuse, account lockout, active scan, active scanning, atif feed, attack, auto-generated security, azure ad, bad reputation, banlist feed, belgium, binary defense, botnet, botnet activity, brute force, brute force attack, cloud infrastructure, cloud infrastructure attack, command and control, communication protocol, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, decoy system, distributed attacks, europe, exploitation activity, failed authentication, foods and drinks, ftp brute force, http brute force, identity & access exploitation, imap, imap attack, indicator, information technology, infrastructure acquisitionreconnaissance, injection activity, intrusion detection, it infrastructure, login attack, malicious activity, malicious software, malware, manual, network, network scanning, network security, north america, password attacks, phishing, phishing attack, process injection, reconnaissance, researched, scan, scanner, scanning activity, security operations, sftp attack, smtp, smtp attacker, social engineering, software development, ssh attack, ssh monitoring, t1021, t1021.001, t1021.002, t1021.006, t1040, t1041, t1055, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1587.001, t1588, t1588.002, t1590.001, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat intelligence, tor node, unauthorized access attempts, united kingdom, united states, united states of america, us, voip

Activity Timeline

1 total obs · Jun 2 to Jun 2

Threat Activity Heatmap

Peak: 2026-06-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address, represents a critical threat associated with various malicious activities, including network scanning, brute-force attacks, and command-and-control (C2) operations. Its presence on numerous threat intelligence feeds with a moderate-to-high score underscores its potential for involvement in aggressive reconnaissance and exploitation attempts. If this IP address is detected communicating with organizational assets, it could signal an ongoing or …

Threat Score
47 (Medium Risk)
Coords
47.6901, -122.3747

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
Comcast Cable Communications, LLC CABLE-1 (NET-73-0-0-0-1) 73.0.0.0 - 73.255.255.255
Comcast IP Services, L.L.C. SEATTLE-23 (NET-73-97-0-0-1) 73.97.0.0 - 73.97.255.255
references
https://redpiranha.net, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt
