IP · Medium · Signal 41/100
45.177.210.193
Location: Santana do Livramento, RS
ASN: AS268999 (Fronteira Internet)
First Seen: Aug 15, 2025 (303d ago)
Last Seen: Jun 7, 2026 (7d ago)
Reports: 19 source reports
Confidence: 41% (medium)
VirusTotal: 8/91 detections
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 41%
Signal Score: 41 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country: Brazil
Region: Santana do Livramento, RS
ASN: AS268999
Organization: Fronteira Internet
Feed Intelligence Summary
19 reports · 41% confidence
Source reports: 19
Confidence score: 41%
Category tags
Activity Timeline: Jun 7
Threat Activity Heatmap (peak: 2026-06-07)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 41
Confidence: 41%
Reports: 19
First seen: Aug 15, 2025
Last seen: Jun 7, 2026
Geolocation: BR
Country: Brazil
Location: Santana do Livramento, RS
ASN: AS268999
Org: Fronteira Internet
Coords: -30.7820, -55.4785
WHOIS
- description
- Bruteforce hitting the server on any SASL.
- raw
- references
- https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
IOC Journey
Medium · First detected 10 months ago · Last seen 7 days ago
Appeared in 19 threat reports