IPMediumSignal 70/100

`198.54.134.132`

Location

United States

San Jose, CA

ASN

AS11878

TZULO-SJC

First Seen

Nov 12, 2022

Last Seen

Feb 8, 2026

Nov 12

First Seen

1310d ago

Feb 8

Last Seen

126d ago

Reports

source reports

70%

Confidence

medium

Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

70%

Signal Score

70 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

29 techniques

Network Information

Country

United States

RegionSan Jose, CA

ASNAS11878

OrganizationTZULO-SJC

IP Category

⟲

Proxy

Proxy server

⊕

VPN

VPN exit node

Feed Intelligence Summary

10 reports70% confidence

Source reports

70%

Confidence score

Category tags

abuseaccessaccess controlaccount discoveryaccount profilingaccount takeoveractive scanningaerospace & defenseattackauthenticationautomated attackautomotive manufacturingbotnetbrute forcebrute force attackbrute force attemptsbruteforcecivil servicescommand and controlcommunication protocolcowrie honeypotcredential accesscredential harvestingcredential stuffingcyber securitydata exfiltrationddosdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedistributed attackselectronics manufacturingfortiosgovernment technologygroupsindustrial automationindustrial iotindustrial productioninformation technologyiocipv4it infrastructuremalicious activitymalicious softwaremalwaremanufacturing technologymilitary operationsnational securitynetworknetwork securitynextraynorth americapassword attackpassword attacksphishing attackprocess injectionprocess manufacturingproxypublic administrationpublic infrastructurepublic policyquality controlreconnaissanceregulatory agenciesremote accessremote servicesresearchedresource hijackingscannerscriptsecurity operationssentrypeer botnetsftp attackslugsocial engineeringsoftware developmentssh attackssh monitoringssl vpnsupply chain managementsurface webt1021.001t1040t1041t1055t1071.001t1078t1078.001t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1499.001t1499.002t1499.003t1555t1555.003t1565t1566.001t1566.002t1566.003t1567t1595.001t1595.002t1595.003tannertelecommunicationsthreat actorthreat intelligenceunauthorized accessunited statesusvoipvoip attackvpn

Activity Timeline

1 total obs

Feb 8Feb 8

Threat Activity Heatmap

· Peak: 2026-02-08

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Threat ScoreMedium Risk

SIGNAL

Signal Score

70%

Confidence

Reports

First seenNov 12, 2022

Last seenFeb 8, 2026

GeolocationUS

CountryUnited States

LocationSan Jose, CA

ASNAS11878

OrgTZULO-SJC

Coords37.3773, -122.0194

ProxyVPN

VirusTotal

Not checked

WHOIS

raw: tzulo, inc. TZULO (NET-198-54-128-0-1) 198.54.128.0 - 198.54.135.255 TZULO-SJC TZULO-SJC (NET-198-54-134-0-1) 198.54.134.0 - 198.54.134.255
references: source over 3 count.csv, https://github.com/telekom-security/tpotce

`198.54.134.132`

MITRE ATT&CK TTPs

Network Information

IP Category

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy