IOC Radar
IP · Medium · Signal 100/100

186.13.143.106

Location: Argentina, Lanus, Buenos Aires F.D.
ASN: AS11664 (AMX Argentina S.A)
First Seen: Apr 27, 2024 (788d ago)
Last Seen: May 5, 2026 (49d ago)
Reports: 20 source reports
Confidence: 99% (medium)
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

47 techniques

Network Information

Country: AR (Argentina)
Region: Lanus, Buenos Aires F.D.
ASN: AS11664
Organization: AMX Argentina S.A

Feed Intelligence Summary

Source reports: 20
Confidence score: 99%
Category tags:
abuse, abuseipdb, access control, account discovery, active scan, active scanning, apache, ar, argentina, atif feed, attack, australia, authentication attack, authentication failure, authentication failures, auto-generated security, bad reputation, banlist feed, binary defense, blocked ip, botnet, botnet activity, botnet activity detected, brute force, brute force attack, brute force attempt, brute-force, c2 communication, c2 server, cisco device, command & control, command and control, communication protocol, compromised host, compromised hosts, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data store exposure, data theft, ddos, ddos attempt, ddos botnet, decoy system, denial of service, device management, distributed attacks, enterprise networking, europe, exploit, exploitation activity, exploited host, failed login, finland, ftp brute force, http brute force, http scanning, https scanning, identity & access exploitation, indicator, information technology, infrastructure acquisitionreconnaissance, initial access, injection activity, intrusion detection, ioc, it infrastructure, lateral movement, login attack, login attempts, mail, malicious activity, malicious domain, malicious software, malware, malware distribution, manual, mod security, network, network attacks, network enumeration, network infrastructure, network reconnaissance, network scanning, network security, network service scanning, network traffic, network traffic analysis, oceania, password attacks, password cracking, phishing, phishing attack, possible malware probing, process injection, protocol exploitation, ransomware, reconnaissance, remote access, remote services, researched, rtbh, scan, scanner, scanning activity, security policy, service scan, sftp attack, sip scanning, smb scanning, social engineering, socradar honeypot, software development, south america, spam, spam botnet, ssh, ssh attack, ssh monitoring, system discovery, t-pot,
t1018, t1021, t1021.001, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1076, t1078, t1078.004, t1083, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1199, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1573, t1587.001, t1588.004, t1589, t1590.001, t1595, t1595.001, t1595.002, t1595.003,
tanner, tcp protocol, telecommunications, telnet threat, threat actor, threat intelligence, threat prevention, tor node, tpot, tsec, unauthorized access, united kingdom, united states, voip, vulnerability scan, web application attack, web exploitation

Activity Timeline

1 total obs (May 5)

Threat Activity Heatmap

Peak: 2026-05-05
[Heatmap: activity by weekday per month, Jun through Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 20
First seen: Apr 27, 2024
Last seen: May 5, 2026
Geolocation: AR
Country: Argentina
Location: Lanus, Buenos Aires F.D.
ASN: AS11664
Org: AMX Argentina S.A
Coords: -34.7164, -58.3870

VirusTotal

Not checked

WHOIS

description: Bruteforce hitting the server at TCP port 22 SSH. Same IP should not appear more than once in 24 hours in this list.
raw: Socket not responding: [Errno 111] Connection refused

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 20 threat reports