IOC Radar
IPMediumSignal 29/100

191.81.226.34

Location
ArgentinaArgentina
Mendoza, Mendoza
ASN
AS22927
Telefonica de Argentina
First Seen
Apr 8, 2026
Last Seen
Apr 10, 2026
Apr 8
First Seen
67d ago
Apr 10
Last Seen
65d ago
5
Reports
source reports
29%
Confidence
medium
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
29%
Signal Score
29 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryARArgentina
RegionMendoza, Mendoza
ASNAS22927
OrganizationTelefonica de Argentina

Feed Intelligence Summary

5 reports29% confidence
5
Source reports
29%
Confidence score
Category tags
argentinaexploitation activityimapimap attackindicatornetworkresearchedsmtpsmtp attackersouth america

Activity Timeline

1 total obs
Apr 10Apr 10

Threat Activity Heatmap

· Peak: 2026-04-10
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address, signals a significant threat to organizational security, potentially indicative of active malicious infrastructure. Identified by multiple reputable threat intelligence feeds, including various Blocklist.de-Firehol sources and SOCRadar Threat Exchange Services, this IP is flagged as a "Potential Attacker" and is associated with botnet activity. Its presence in our environment could signify a compromised internal system engaging in Command and …

Threat ScoreLow Risk
29
SIGNAL
Signal Score
29%
Confidence
5
Reports
First seenApr 8, 2026
Last seenApr 10, 2026
GeolocationAR
CountryArgentina
LocationMendoza, Mendoza
ASNAS22927
OrgTelefonica de Argentina
Coords-32.8974, -68.7871

VirusTotal

Not checked

WHOIS

raw
inetnum: 191.80.0.0/14 status: allocated aut-num: N/A owner: Telefonica de Argentina ownerid: AR-TEAR7-LACNIC responsible: Luis Francisco Pérez Sánchez address: Av. Independencia, 169, PB address: 1099 - Buenos Aires - CF country: AR phone: +54 8102220102 [0000] owner-c: TEA tech-c: TEA abuse-c: TEA inetrev: 191.80.0.0/14 nserver: DNS1.MRSE.COM.AR nsstat: 20260407 AA nslastaa: 20260407 nserver: DNS2.MRSE.COM.AR nsstat: 20260407 AA nslastaa: 20260407 nserver: DNS3.MRSE.COM.AR nsstat: 20260407 AA nslastaa: 20260407 nserver: DNS4.MRSE.COM.AR [lame - not published] nsstat: 20260407 NOT SYNC ZONE nslastaa: 20260327 created: 20140310 changed: 20140310 nic-hdl: TEA person: Telefonica de Argentina e-mail: [email protected] address: AV. ING. HUERGO, 723, address: 1065 - Capital Federal - BA country: AR phone: +54 11 43335000 created: 20030618 changed: 20250828

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 2 months ago
Appeared in 5 threat reports