IPMediumSignal 72/100
200.71.67.6
Location
BrazilJoão Monlevade, Minas Gerais
ASN
AS266191
Internet Super Ltda
First Seen
Mar 12, 2025
Last Seen
Dec 9, 2025
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
72%
Signal Score
72 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryBrazil
BrazilRegionJoão Monlevade, Minas Gerais
ASNAS266191
OrganizationInternet Super Ltda
Feed Intelligence Summary
11 reports72% confidence
11
Source reports
72%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanningattackbotnetbotnet activity detectedbotnet detectionbrbrazilbrute forcebrute force attackc2c2 communicationc2 detectioncisco devicecloud infrastructurecloud infrastructure attackcloud servicescommand and controlcompromised credentialscompromised hostcompromised hostscowrie honeypotcredential accesscredential stuffingdata exfiltrationdecoy systemdevice managementdionaea honeypotdistributed attacksenterprise networkingenumerationeuropeexploitexploitationexploited hostfinlandfranceftp brute forcegermanyhackinghoneynet connecthoneytrap honeypothttp brute forceindicatorinitial accessiot targetedlamplateral movementloginlogin attemptmalicious activitymalicious communicationmalicious domainsmalicious ipsmalicious softwaremalwaremalware behaviourmalware capturemalware distributionmalware filternetworknetwork anomaliesnetwork enumerationnetwork infrastructurenetwork intrusionnetwork scannetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnorth americapassword attackpassword attackspassword sprayingpolandpotential malware uploadprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedresource developmentresource hijackingscannerscanning activitysecurity policysftp attacksmb brute forcesmtp brute forcesouth americassh attackssh monitoringt1003t1005t1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1041t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1071.004t1076t1078t1078.001t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1189t1190t1195.002t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1555t1555.004t1563t1565t1566t1573t1573.001t1592t1595t1595.001t1595.002t1595.003tcp scantelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontpotceudp scanunauthorized access attemptunited statesvulnerability
Activity Timeline
Dec 9Dec 9
Threat Activity Heatmap
· Peak: 2025-12-09LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
72
SIGNAL
Signal Score
72%
Confidence
11
Reports
First seenMar 12, 2025
Last seenDec 9, 2025
GeolocationBR
CountryBrazil
LocationJoão Monlevade, Minas Gerais
ASNAS266191
OrgInternet Super Ltda
Coords-19.8100, -43.1736
VirusTotal
Not checked
WHOIS
- description
- IPV4 hosts detected attempting to brute force telnet on private honeypot
- references
- https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 6 months ago
Appeared in 11 threat reports