IP · Medium · Signal 55/100
45.11.105.143
Location
São Paulo, Sao Paulo
ASN
AS57695
Misaka Network, Inc
First Seen
Aug 26, 2020
Last Seen
Jun 23, 2026
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Network Information
Country
Brazil
Region: São Paulo, Sao Paulo
ASN: AS57695
Organization: Misaka Network, Inc
Feed Intelligence Summary
Source reports: 8
Confidence score: 55%
Category tags
active scan, active scanning, australia, bad web bot, botnet, botnet activity, br, brazil, brute force, brute force attack, brute force attacks, brute force attempts, brute-force, bruteforce, command injection, communication protocol, compromised host, cowrie honeypot, cowrie interactions, cowrie ssh attacks, credential access, credential attack, credential stuffing, data encryption, data exfiltration, data store exposure, database attacks, database security, ddos, decoy system, denial of service, dionaea honeypot, dionaea interactions, dionaea malware samples, dionaea payloads, dns, dns attack, encryption, exploit, exploit attempts, exploitation activity, exploitation attempt, exploitation attempts, exploited host, failed login attempts, fatt, fatt detections, fatt signatures, file, ftp, ftp attacks, ftp brute force, hacking, honeytrap events, honeytrap exploit attempts, honeytrap honeypot, honeytrap interactions, http probing, http scanner, identity & access exploitation, inbound scan, indicator, indicators of compromise, initial access, injection activity, injection attacks, internet-facing, lateral movement, mailoney events, mailoney honeypot, mailoney interactions, malicious activity, malicious file transfer, malicious software, malicious traffic, malware, malware behaviour, malware capture, malware delivery, malware distribution, malware propagation, network, network intrusion attempts, network intrusion detection, network probing, network protocol, network reconnaissance, network scanning, network security, network-based attack attempts, oceania, p0f, p0f network fingerprinting, p0f signatures, password attacks, phishing, phishing attack, phishing trap, process injection, protocol exploitation, ransomware, rdp attacks, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, scanning activity, sensor-tagged, sentrypeer botnet, sentrypeer events, sentrypeer interactions, server exploitation, service scan, smtp, smtp attacks, smtp brute force, smtp probing, south america, sql injection, ssh attack, ssh attacks, ssh monitoring, suricata alerts, t-pot, t1005, t1018, t1021, t1021.001, t1021.002, t1040, t1046, t1055, t1059, t1059.003, t1071, t1071.001, t1076, t1077, t1078, t1087, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1195, t1203, t1486, t1496, t1499.001, t1499.002, t1505.002, t1563, t1565, t1572, t1583, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner events, tanner interactions, targeting database, telecommunications, telnet attacks, telnet threat, threat actor, threat detection, threat intelligence, threat intelligence feed, tor node, tpot, tsec, unauthorized access, vnc protocol, voip, voip attack, web app attack, web application attack, web application attacks, web exploitation, web shell detection, web traffic
Threat Activity
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Geolocation: BR
Coords: -23.5471, -46.6372
VirusTotal
Not checked
WHOIS
- description: Observed making inbound scans on 2026-05-22 20:39:30
- raw:
  NetRange: 45.10.58.0 - 45.11.139.255
  CIDR: 45.11.128.0/21, 45.10.128.0/17, 45.10.60.0/22, 45.11.136.0/22, 45.11.0.0/17, 45.10.64.0/18, 45.10.58.0/23
  NetName: RIPE
  NetHandle: NET-45-10-58-0-1
  Parent: NET45 (NET-45-0-0-0-0)
  NetType: Early Registrations, Transferred to RIPE NCC
  OriginAS:
  Organization: RIPE Network Coordination Centre (RIPE)
  RegDate: 2015-03-03
  Updated: 2025-02-10
  Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois.
  Ref: https://rdap.arin.net/registry/ip/45.10.58.0
  ResourceLink: https://apps.db.ripe.net/db-web-ui/query
  ResourceLink: whois.ripe.net

  OrgName: RIPE Network Coordination Centre
  OrgId: RIPE
  Address: P.O. Box 10096
  City: Amsterdam
  StateProv:
  PostalCode: 1001EB
  Country: NL
  RegDate:
  Updated: 2013-07-29
  Ref: https://rdap.arin.net/registry/entity/RIPE
  ReferralServer: whois.ripe.net
  ResourceLink: https://apps.db.ripe.net/db-web-ui/query

  OrgAbuseHandle: ABUSE3850-ARIN
  OrgAbuseName: Abuse Contact
  OrgAbusePhone: +31205354444
  OrgAbuseEmail: [email protected]
  OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN

  OrgTechHandle: RNO29-ARIN
  OrgTechName: RIPE NCC Operations
  OrgTechPhone: +31 20 535 4444
  OrgTechEmail: [email protected]
  OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
IOC Journey
Medium · First detected 5 years ago · Last seen today
Appeared in 8 threat reports