IOC Radar
IPMediumSignal 73/100

161.132.38.88

Location
PeruPeru
Santa, Ancash
ASN
AS3132
Red Cientifica Peruana
First Seen
Jan 25, 2026
Last Seen
Jun 9, 2026
Jan 25
First Seen
154d ago
Jun 9
Last Seen
20d ago
29
Reports
source reports
73%
Confidence
medium
Found in 29 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

34 techniques

Network Information

CountryPEPeru
RegionSanta, Ancash
ASNAS3132
OrganizationRed Cientifica Peruana

IP Category

VPN
VPN exit node

Feed Intelligence Summary

29 reports73% confidence
29
Source reports
73%
Confidence score
Category tags
abuseactive scanactive scanningaggressive-detectionapacheapache attackeraptattackaustraliaauthentication attemptautomated attackbad reputationbad web botblocklistblocklist_allblog spambotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcebruteforcec2cisco devicecisco device attackcisco exploitation attemptcisco exploitation attemptscisco ioscivil servicescommand & controlcommand and controlcommunication protocolcompromised hostsconnection-resetcowrie datacowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosddos attackdecoy systemdenial of servicedevice managementdistributed attacksenterprise networkingexploitexploitation activityexploitation attemptsexploited hostfilefraud voipftpftp brute forceftp brute-forcegovernment technologyhackingidentity & access exploitationimapimap attackindicatorinformation technologyinitial accessinjection activityiociot securityiot targetedit infrastructurekill-chain exploitationkill-chain reconnaissancelateral movementlogin attemptlow-riskmalicious activitymalicious file transfermalicious softwaremalwaremobile threatnetworknetwork infrastructurenetwork scanningnetwork securityoceaniaosintpassword attacksperuphishingphishing attackping of deathprocess injectionprotocol exploitationprotocol-probingpublic administrationpublic infrastructurepublic policyreconnaissanceregulatory agenciesremote access attemptresearchedresource hijackingscams & fraudscannerscanning activitysentrypeer activitysentrypeer botnetsftp attacksip brute forcesip scanningsmtpsmtp attackersocial engineeringsoftware developmentsouth americaspamsshssh attackssh monitoringt1005t1021t1021.001t1021.004t1040t1041t1046t1055t1059t1059.004t1071t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003telecommunicationstelnet threatthreat actorthreat intelligencetor nodetpottpotceunauthorized access attemptsvoipvoip attackvpnvpn ipvulnerability scanvulnerability-exploitationvultrweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
Jun 9Jun 9

Threat Activity Heatmap

· Peak: 2026-06-09
Less
More
Mon
Wed
Fri
Jun
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
29
Reports
First seenJan 25, 2026
Last seenJun 9, 2026
GeolocationPE
CountryPeru
LocationSanta, Ancash
ASNAS3132
OrgRed Cientifica Peruana
Coords-8.9886, -78.6119
VPN

VirusTotal

Not checked

WHOIS

description
Score: 100/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:ddos, abuseipdb:exploited-host, abuseipdb:ftp-brute, abuseipdb:hacking. 161.132.38.88 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, critical, ddos).

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 months ago · Last seen 20 days ago
Appeared in 29 threat reports