IOC Radar
IPMediumSignal 51/100

138.255.240.66

Location
BrazilBrazil
Lauro de Freitas, São Paulo
ASN
AS263981
David De Salles Brasil Junior - ME
First Seen
Aug 26, 2020
Last Seen
Jun 1, 2026
Aug 26
First Seen
2118d ago
Jun 1
Last Seen
13d ago
31
Reports
source reports
51%
Confidence
medium
3/91
VirusTotal
detections
Found in 31 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

33 techniques

Network Information

CountryBRBrazil
RegionLauro de Freitas, São Paulo
ASNAS263981
OrganizationDavid De Salles Brasil Junior - ME

IP Category

Proxy
Proxy server

Feed Intelligence Summary

31 reports51% confidence
31
Source reports
51%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningaerospace & defenseaggressive crawlingattackautomated malicious activityautomotive manufacturingbad reputationbad web botblacklist candidatebotnetbotnet activitybrbrazilbrute forcebrute force attackbrute force attackerbrute-forcec2civil servicescommand & controlcommand and controlcommunication protocolcompromised hostcredential accesscredential harvestingcredential stuffingctadata exfiltrationdata store exposureddosddos attackddos preparationdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedistributed attacksdoselectronics manufacturingenumerationexploitation activityexploited hostfraud ordersgovernment technologyhackinghttphttp scanneridentity & access exploitationimageimpair defensesindustrial automationindustrial iotindustrial productioninfrastructure acquisitionreconnaissanceinjection activityintrusion detectioniociot securitymalicious activitymalicious botmalicious crawlermalicious ipmalicious softwaremalwaremanualmanufacturing technologymilitary operationsnational securitynetworknetwork attacksnetwork securitynetwork traffic analysisnextraypassword attacksphishingphishing attackprocess injectionprocess manufacturingproxypublic administrationpublic infrastructurepublic policyquality controlrangereconnaissanceregulatory agenciesresearchedrobotroguerogue threatscams & fraudscannersecurity operationssecurity policysocial engineeringsocks proxysouth americaspamsshssh attacksupply chain attacksupply chain managementt1016.001t1040t1046t1055t1071t1071.001t1110.001t1110.002t1110.003t1110.004t1133t1190t1199t1203t1486t1496t1499t1499.001t1499.002t1499.003t1562t1565t1566.001t1566.002t1566.003t1573t1573.001t1587.001t1590.001t1595t1595.001t1595.002t1595.003tcptcp protocolthreat actorthreat intelligencethreat preventiontor nodeunauthorized devicesvulnerability scanweb application attackweb crawlerweb crawlingweb exploitationweb scrapingweb spamweb traffic

Activity Timeline

1 total obs
Jun 1Jun 1

Threat Activity Heatmap

· Peak: 2026-06-01
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Intelligence SummaryAI Generated

This indicator of compromise (IOC), an IPv4 address, is classified with a score of 51.4, indicating a significant potential risk to organizational security. Its involvement in various malicious activities, such as brute-force attacks, DDoS campaigns, and proxy services, suggests it acts as a central point for hostile operations. If this IOC is observed communicating with internal systems, it could signify ongoing reconnaissance, unauthorized access attempts, or an active compromise leading to se…

Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
31
Reports
First seenAug 26, 2020
Last seenJun 1, 2026
GeolocationBR
CountryBrazil
LocationLauro de Freitas, São Paulo
ASNAS263981
OrgDavid De Salles Brasil Junior - ME
Coords-23.6537, -46.7067
Proxy

VirusTotal

3/ 91vendors flagged
3% detection rateJun 2, 2026

WHOIS

description
Hitting the server no stop. No scrupulous. No indentification from user agent. Same IP should not appear more than once in 24 hours in this list.
raw
Socket not responding: [Errno 111] Connection refused

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 13 days ago
Appeared in 31 threat reports