IPMediumSignal 15/100
163.116.233.51
Location
BrazilSão Paulo, São Paulo
ASN
AS55256
Netskope Inc
First Seen
May 14, 2025
Last Seen
May 14, 2025
Found in 1 report. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
15%
Signal Score
15 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryBrazil
BrazilRegionSão Paulo, São Paulo
ASNAS55256
OrganizationNetskope Inc
Feed Intelligence Summary
1 report15% confidence
1
Source reports
15%
Confidence score
Category tags
access controlanomalous http requestcommunication protocoldecoy systemevasionheader manipulationhttp scannerindicatorintrusion detectionmalicious botnetworknetwork attacksnetwork securityreconnaissanceresearchedrobot detections3 accessscannersecurity policyt1027t1040t1071.001t1190t1499.001t1499.002t1499.003t1573.001t1587.004t1595.003tcp protocolthreat intelligencethreat preventionuser agent spoofingweb crawlerweb crawlingweb traffic
Activity Timeline
May 14May 14
Threat Activity Heatmap
LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreLow Risk
15
SIGNAL
Signal Score
15%
Confidence
1
Reports
First seenMay 14, 2025
Last seenMay 14, 2025
GeolocationBR
CountryBrazil
LocationSão Paulo, São Paulo
ASNAS55256
OrgNetskope Inc
Coords-23.5475, -46.6361
VirusTotal
Not checked
WHOIS
- description
- Hitting the server with good user agent, but no standard accesses. Wrong encode in header. Deceiving robot masked in common browser. Same IP should not appear more than once in 24 hours in this list.
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 1 year ago
Appeared in 1 threat report