IP · Medium · Signal 72/100
186.248.197.77
Location
Belo Horizonte, Minas Gerais
ASN
AS23106
AMERICAN TOWER DO BRASIL-COMUNICAÇÂO MULTIMÍDIA LT
First Seen
Dec 16, 2023
Last Seen
Jun 13, 2026
Found in 31 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Brazil
Region: Belo Horizonte, Minas Gerais
ASN: AS23106
Organization: AMERICAN TOWER DO BRASIL-COMUNICAÇÂO MULTIMÍDIA LT
Feed Intelligence Summary
31 reports · 72% confidence
31
Source reports
72%
Confidence score
Category tags
Activity Timeline
Threat Activity Heatmap · Peak: 2026-06-13
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 72
Confidence: 72%
Reports: 31
First seen: Dec 16, 2023
Last seen: Jun 13, 2026
Geolocation: BR
Country: Brazil
Location: Belo Horizonte, Minas Gerais
ASN: AS23106
Org: AMERICAN TOWER DO BRASIL-COMUNICAÇÂO MULTIMÍDIA LT
Coords: -19.2953, -44.4186
VirusTotal
Not checked
WHOIS
- description
- timestamp=2026-04-08 10:15:16,447 CC=BR ASN=23106 AMERICAN TOWER DO BRASIL-COMUNICACAO MULTIMIDIA LT latitude=-22.8951 longitude=-47.0439
IOC Journey
Medium · First detected 2 years ago · Last seen 9 days ago
Appeared in 31 threat reports