IOC Radar
IPMediumSignal 44/100

131.196.7.238

Location
BrazilBrazil
Caruaru, Pernambuco
ASN
AS265890
GR SOLUCOES TELECOM LTDA - ME
First Seen
Jan 20, 2021
Last Seen
May 12, 2026
Jan 20
First Seen
1967d ago
May 12
Last Seen
29d ago
11
Reports
source reports
44%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

34 techniques

Network Information

CountryBRBrazil
RegionCaruaru, Pernambuco
ASNAS265890
OrganizationGR SOLUCOES TELECOM LTDA - ME

IP Category

Proxy
Proxy server

Feed Intelligence Summary

11 reports44% confidence
11
Source reports
44%
Confidence score
Category tags
active scanactive scanningantispamattackbad web botbotnetbotnet activitybrazilbrute forcebrute force attackcode executioncommand and controlcommand executioncommunication protocolcompromised credentialscowrie attackscowrie honeypotcowrie interactionscredential accesscredential stuffingdata exfiltrationdata store exposuredatabase securityddosddos attackdecoy systemdefense evasiondenial of servicedionaea honeypotdionaea interactionsdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringexploitation activityexploited hostheralding attack patternidentity & access exploitationinitial accessinjection activityiot securitylateral movementlog4jmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitypassword attacksprocess injectionproxypython script activityreconnaissanceresearchedresource hijackingscannersentrypeer botnetsftp attacksoftware exploitationsouth americaspamssh attackssh monitoringt1021t1021.002t1021.004t1027t1040t1041t1046t1055t1059t1059.004t1059.005t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1565t1566t1566.001t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationsthreat actorthreat intelligencetor nodetpotcevoipvoip attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 12May 12

Threat Activity Heatmap

· Peak: 2026-05-12
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
11
Reports
First seenJan 20, 2021
Last seenMay 12, 2026
GeolocationBR
CountryBrazil
LocationCaruaru, Pernambuco
ASNAS265890
OrgGR SOLUCOES TELECOM LTDA - ME
Coords-8.2754, -35.9735
Proxy

VirusTotal

Not checked

WHOIS

description
proxy-proxy_socks4 search result.
raw
Socket not responding: [Errno 111] Connection refused
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 29 days ago
Appeared in 11 threat reports