IOC Radar
IPMediumSignal 70/100

189.61.171.16

Location
BrazilBrazil
Araguari, MG
ASN
AS28573
NET Serviços de Comunicação S.A.
First Seen
Feb 26, 2025
Last Seen
Feb 20, 2026
Feb 26
First Seen
469d ago
Feb 20
Last Seen
109d ago
8
Reports
source reports
70%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
70%
Signal Score
70 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

33 techniques

Network Information

CountryBRBrazil
RegionAraguari, MG
ASNAS28573
OrganizationNET Serviços de Comunicação S.A.

Feed Intelligence Summary

8 reports70% confidence
8
Source reports
70%
Confidence score
Category tags
abuseactive scanningadbhoney honeypotattackbotnetbrbrazilbrute forcebrute force attackcommand and controlcommunication protocolcompromised credentialscowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdecoy systemdionaea honeypotdionaea malware collectiondistributed attacksexploit attemptexploitationftp brute forceindicatormailoney honeypotmalicious activitymalicious code detectionmalicious softwaremalicious sshmalwaremalware behaviourmalware capturenetworknetwork intrusion attemptnetwork probingnetwork scanningnetwork securitypassword attacksphishingphishing attackphishing trapprocess injectionreconnaissanceresearchedresource hijackingscannersentrypeer botnetsftp attacksip brute forcesocial engineeringsouth americassh attackssh monitoringt1016t1016.001t1018t1021t1021.001t1021.004t1040t1041t1055t1059t1059.004t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat intelligencevoipvoip attack

Activity Timeline

1 total obs
Feb 20Feb 20

Threat Activity Heatmap

· Peak: 2026-02-20
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
70
SIGNAL
Signal Score
70%
Confidence
8
Reports
First seenFeb 26, 2025
Last seenFeb 20, 2026
GeolocationBR
CountryBrazil
LocationAraguari, MG
ASNAS28573
OrgNET Serviços de Comunicação S.A.
Coords-18.5907, -48.2615

VirusTotal

Not checked

WHOIS

description
2025-03-22T08:59:22.430Z Honeypot : Adbhoney : EventID/src_ip/src_url: adbhoney.session.closed189.61.171.16
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 8 threat reports