IOC Radar
IPMediumSignal 57/100

192.141.74.23

Location
BrazilBrazil
Duque de Caxias, Rio de Janeiro
ASN
AS267470
CX Pro
First Seen
Feb 10, 2026
Last Seen
May 25, 2026
Feb 10
First Seen
125d ago
May 25
Last Seen
20d ago
7
Reports
source reports
57%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
57%
Signal Score
57 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryBRBrazil
RegionDuque de Caxias, Rio de Janeiro
ASNAS267470
OrganizationCX Pro

IP Category

Proxy
Proxy server

Feed Intelligence Summary

7 reports57% confidence
7
Source reports
57%
Confidence score
Category tags
active scanactive scanningbad reputationbad web botbotnet activitybrbrazilbrute forcebrute force attackcredential accesscredential stuffingexploitation activityhttpidentity & access exploitationimageimapimap attackindicatormalicious ipnetworkpassword attacksproxyrangereconnaissanceresearchedscannersmtpsmtp attackersouth americassh attackt1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003tcpweb app attack

Activity Timeline

1 total obs
May 25May 25

Threat Activity Heatmap

· Peak: 2026-05-25
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
57
SIGNAL
Signal Score
57%
Confidence
7
Reports
First seenFeb 10, 2026
Last seenMay 25, 2026
GeolocationBR
CountryBrazil
LocationDuque de Caxias, Rio de Janeiro
ASNAS267470
OrgCX Pro
Coords-22.7592, -43.4511
Proxy

VirusTotal

Not checked

WHOIS

raw
% Copyright (c) Nic.br - Use of this data is governed by the Use and inetnum: 192.141.72.0/22 aut-num: AS267470 abuse-c: LENPA35 owner: CX Pro ownerid: 10.733.998/0001-97 responsible: Marcos Duda country: BR owner-c: MADSI455 tech-c: LENPA35 inetrev: 192.141.72.0/22 nserver: ns1.online.caxias.br nsstat: 20260407 AA nslastaa: 20260407 nserver: ns2.online.caxias.br nsstat: 20260407 QREFUSED nslastaa: 20260222 created: 20170814 changed: 20200120 nic-hdl-br: MADSI455 person: Marcos Duda da silva e-mail: [email protected] country: BR created: 20180517 changed: 20251103 nic-hdl-br: LENPA35 person: Leonardo Nascimento da Paix�o e-mail: [email protected] country: BR created: 20200120 changed: 20200120

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 4 months ago · Last seen 20 days ago
Appeared in 7 threat reports