IPMediumSignal 73/100
160.202.130.71
Location
BrazilSão Paulo, São Paulo
ASN
AS396356
Latitude.sh
First Seen
Nov 25, 2024
Last Seen
Jun 12, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryBrazil
BrazilRegionSão Paulo, São Paulo
ASNAS396356
OrganizationLatitude.sh
Feed Intelligence Summary
15 reports73% confidence
15
Source reports
73%
Confidence score
Category tags
abuseaccount compromiseactive reconnaissanceactive scanactive scanningadbhoney honeypotapplication layer protocolaptasiaattackauthentication attackautomated attackbad reputationbotnetbotnet activitybrbrazilbrute forcebrute force attackbrute force attackerbrute-forcebrute_forcec2 communicationcisco devicecisco device targetcloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommand and controlcommunication protocolcowriecowrie honeypotcredential accesscredential compromisecredential harvestingcredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase probingdatabase securityddosddos attackddos preparationdecoy systemdenial of servicedevice managementdictionary attackdigital oceandionaeadionaea honeypotdistributed attacksencryptionenterprise networkingenumerationeuropeexploit attemptexploitation activityexploited hostfattfranceftpftp brute forcehackinghoneytrap honeypothttp brute forcehttp scanneridentity & access exploitationindicatorinjection activityinjection attacksinternet-facing serviceiocsipv4ipv4 scanningipv4 threatsjapanlamplamp server targetlateral movementlinux server targetlinux_server_attacksmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distributionmalware_activitynetworknetwork attacksnetwork discoverynetwork infrastructurenetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service discoveryp0fpassword attacksphishingphishing attackphishing trapping of deathportscanprocess injectionprotocol exploitationrdp scanningreconnaissanceremote accessremote servicesresearchresearchedresource hijackingscannerscannersscanning activitysensor-taggedsentrypeer botnetservice scansftp attacksip brute forcesmtpsmtp brute forcesocial engineeringsouth americaspamsql brute forcesql injection attemptssshssh attackssh monitoringssh-brutet1021t1021.001t1021.002t1040t1041t1046t1055t1059t1059.003t1059.004t1071t1071.001t1076t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1204.002t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1571t1590t1590.004t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltelecommunicationstelnet scanningtelnet threatthreat actorthreat detectionthreat feedthreat intelligencetor nodetpottraffic signalingunknown threat actorvoipvoip attackvulnerability scanvultrvultr cloud infrastructureweb app attackweb application probingweb server attackweb spamweb trafficweb_attack
Activity Timeline
Jun 12Jun 12
Threat Activity Heatmap
· Peak: 2026-06-12LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
15
Reports
First seenNov 25, 2024
Last seenJun 12, 2026
GeolocationBR
CountryBrazil
LocationSão Paulo, São Paulo
ASNAS396356
OrgLatitude.sh
Coords-23.5475, -46.6361
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected port scanning DigitalOcean Toronto (CA) honeypot
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 13 days ago
Appeared in 15 threat reports