IP · Medium · Signal 53/100
57.132.150.162
Location
Rosharon, Texas
ASN
AS7459
Grande Communications Networks
First Seen
Sep 24, 2024
Last Seen
Jun 7, 2026
23
Reports
source reports
53%
Confidence
medium
2/91
VirusTotal
detections
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
53%
Signal Score
53 / 100
IDS Rule
No
Network Information
Country
United States
Region
Rosharon, Texas
ASN
AS7459
Organization
Grande Communications Networks
Feed Intelligence Summary
23 reports · 53% confidence
Category tags
abuse, account access, account discovery, account enumeration, account lockout, account profiling, account takeover, account takeover attempt, active scan, active scanning, adresse ip, asia, atif feed, attack, attack_vector:brute_force, attacker ip addresses, authentication, authentication attack, authentication brute force, authentication_protocol, auto-generated security, azure ad, azure security, bad reputation, banking, banlist feed, belgium, belgium ip addresses, binary defense, blocked sign-in, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute force attempts, brute-force, brute-force attack, bruteforce, c2 communication, c2 server, cloud environment, cloud infrastructure, command & control, command and control, communication protocol, compromised credentials, compromised host, compromised hosts, cowrie honeypot, credential access, credential brute force, credential brute forcing, credential compromise, credential harvesting, credential stuffing, credential_access, credit card services, cta, data exfiltration, data store exposure, data theft, ddos, ddos attack, decoy system, denial of service, distributed attacks, entra id, europe, exploitation activity, exploited host, finance, financial services, financial technology, finland, finland activity, france, fraud orders, ftp brute force, ftp brute-force, germany, hacking, honeynet connect, http brute force, identity & access exploitation, imap, imap attack, imap brute force, indicator, information technology, infrastructure acquisitionreconnaissance, injection activity, intrusion detection, ioc, it infrastructure, login attack, login attempt, login attempts, login brute force, malaysia, malicious activity, malicious software, malware, malware distribution, manual, microsoft azure, microsoft entra id, multiple accounts, multiple accounts targeted, multiple users, multiple users affected, network, network attacks, network brute force, network intrusion, network reconnaissance, network scanning, network security, network service scanning, network traffic analysis, network:tcp, north america, password attack, password attacks, password cracking, password spraying, payment processing, phishing, phishing attack, poland, pop3 brute force, process injection, protocol exploitation, protocol:imap, protocol:pop3, protocol:sasl, protocol:smtp, ransomware, reconnaissance, remote access, remote_access, researched, sasl, sasl authentication, sasl authentication attack, sasl brute force, scams & fraud, scanner, scanners, scanning activity, security operations, service scan, sftp attack, sign-in logs analysis, smtp, smtp attacker, smtp brute force, social engineering, software development, spam, ssh, ssh attack, ssh monitoring, t1021, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.001, t1071, t1071.001, t1078, t1078.004, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1555, t1555.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1567, t1573, t1573.001, t1583.006, t1587.001, t1588, t1588.004, t1589, t1589.002, t1590.001, t1595, t1595.001, t1595.002, t1595.003, t1598, t1598.003, tcp attack, tcp brute force, tcp protocol, tcp protocol attack, tcp scan, telnet threat, threat actor, threat intelligence, tor node, udp scan, unauthorized access attempt, unauthorized access attempts, unauthorized login attempts, united states, united states of america, us, vulnerability scan, wealth management, web application attack, web exploitation, web spam
Activity Timeline
Jun 7
Threat Activity Heatmap
Peak: 2026-06-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Geolocation
US
Country
United States
Location
Rosharon, Texas
ASN
AS7459
Org
Grande Communications Networks
Coords
29.7604, -95.3698
WHOIS
- description
- Email related brute force IOCs collected mainly from hosts located in Finland
- raw
- NetRange: 57.132.128.0 - 57.132.255.255
  CIDR: 57.132.128.0/17
  NetName: GCNI
  NetHandle: NET-57-132-128-0-1
  Parent: RIPE-ERX-57 (NET-57-0-0-0-1)
  NetType: Direct Allocation
  OriginAS:
  Organization: Grande Communications Networks, LLC (GCNI)
  RegDate: 2022-02-09
  Updated: 2022-02-09
  Ref: https://rdap.arin.net/registry/ip/57.132.128.0
  OrgName: Grande Communications Networks, LLC
  OrgId: GCNI
  Address: 401 Carlson Cir
  City: San Marcos
  StateProv: TX
  PostalCode: 78666
  Country: US
  RegDate: 2001-03-29
  Updated: 2015-06-30
  Ref: https://rdap.arin.net/registry/entity/GCNI
  OrgAbuseHandle: ABUSE153-ARIN
  OrgAbuseName: Abuse
  OrgAbusePhone: +1-512-878-4000
  OrgAbuseEmail: [email protected]
  OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE153-ARIN
  OrgTechHandle: IPSER2-ARIN
  OrgTechName: IP Services
  OrgTechPhone: +1-512-878-4000
  OrgTechEmail: [email protected]
  OrgTechRef: https://rdap.arin.net/registry/entity/IPSER2-ARIN
- references
- https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
- https://github.com/telekom-security/tpotce
- https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt
- https://blocklist.greensnow.co/greensnow.txt
- https://www.binarydefense.com/banlist.txt
- https://lists.blocklist.de/lists/all.txt
- https://rules.emergingthreats.net/blockrules/compromised-ips.txt