IOC Radar
IP · Medium · Signal 100/100

200.142.119.114

Location: Rio de Janeiro, Rio de Janeiro, Brazil
ASN: AS17222 (Mundivox Do Brasil Ltda)
First Seen: Jan 6, 2025 (522d ago)
Last Seen: May 31, 2026 (12d ago)
Reports: 10 source reports
Confidence: 99% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: IPv4 Address (Network layer indicator observed in threat reports.)
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs: 30 techniques

Network Information

Country: BR (Brazil)
Region: Rio de Janeiro, Rio de Janeiro
ASN: AS17222
Organization: Mundivox Do Brasil Ltda

Feed Intelligence Summary

Source reports: 10
Confidence score: 99%
Category tags: abuse, active scan, active scanning, adbhoney honeypot, antispam, attack, bad reputation, botnet, botnet activity, br, brazil, brute force, brute force attack, brute-force, command and control, communication protocol, compromised credentials, cowrie honeypot, cowrie interactions, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data store exposure, database security, decoy system, dionaea honeypot, dionaea interactions, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, exploitation activity, exploitation attempt, exploited host, heralding attack pattern, identity & access exploitation, indicator, injection activity, iot security, lateral movement, log4j, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, network, network intrusion attempts, network scanning, network security, password attacks, phishing, phishing attack, phishing trap, process injection, python script activity, reconnaissance, remote access, researched, resource hijacking, scanner, sentrypeer botnet, sftp access attempt, sftp attack, social engineering, south america, spam, ssh attack, ssh monitoring, t1021, t1040, t1041, t1046, t1055, t1059, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, telecommunications, threat actor, threat intelligence, tor node, voip, voip attack, web spam

Activity Timeline

1 total obs (May 31)

Threat Activity Heatmap

Peak: 2026-05-31
[Heatmap: activity by weekday (Mon, Wed, Fri) per month, Jun through the following Jun; scale Less to More]
Activity: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 1 (Minimal) · 3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address, signals a critical and imminent threat to organizational security. With a maximum score of 100.0 and explicitly not whitelisted, this IP address is associated with a range of highly malicious activities, including credential brute-forcing, network scanning for vulnerabilities, data exfiltration attempts, and the potential for severe system compromise. Its presence in network logs or security device alerts warrants immediate investigation and c…

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 10
First seen: Jan 6, 2025
Last seen: May 31, 2026
Geolocation: BR
Country: Brazil
Location: Rio de Janeiro, Rio de Janeiro
ASN: AS17222
Org: Mundivox Do Brasil Ltda
Coords: -22.9201, -43.3307

VirusTotal

Not checked

WHOIS

description
2025-04-19T07:08:49.943Z Honeypot : Heralding : Source: 200.142.119.114 : Username/Password: ADmIN1113/password Port: 1080 Message: 2025-04-19 07:08:49.943513,974d97e6-944a-45d3-9a05-3d25f2f09027,5bf65a1d-af34-45ac-8fec-8093429c3e01,200.142.119.114,42593,99.18.26.21,1080,socks5,ADmIN1113,password,
raw
Socket not responding: [Errno 111] Connection refused
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 12 days ago
Appeared in 10 threat reports