IOC Radar
IPMediumSignal 66/100

116.50.179.74

Location
PhilippinesPhilippines
Manila, National Capital Region
ASN
AS9658
Eastern Telecommunications Philippines, Inc
First Seen
Oct 3, 2025
Last Seen
May 30, 2026
Oct 3
First Seen
253d ago
May 30
Last Seen
14d ago
25
Reports
source reports
66%
Confidence
medium
Found in 25 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
66%
Signal Score
66 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

48 techniques

Network Information

CountryPHPhilippines
RegionManila, National Capital Region
ASNAS9658
OrganizationEastern Telecommunications Philippines, Inc

IP Category

VPN
VPN exit node

Feed Intelligence Summary

25 reports66% confidence
25
Source reports
66%
Confidence score
Category tags
abuseaccess controlaccount compromiseaccount discoveryaccount profilingaccount takeoveractive scanactive scanningapacheapache attackeraptasiaattackattack source ipattacker ipattacker-ipaustraliaauthenticationauthentication abuseauthentication failureautomated attackautomated attack attemptsbad reputationbad web botblocklist_allblog spambotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute force attemptbrute force attemptsbrute-forcebruteforcec2chinacisco devicecisco exploitation attemptcisco exploitation attemptscliftoncloud infrastructurecloud infrastructure attackcloud servicescode executioncode injectioncode-injectioncommand & controlcommand and controlcommand executioncommunication protocolcompromised credentialscompromised hostcompromised hostscowrie datacowrie honeypotcredential accesscredential attackscredential guessingcredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackdecoy systemdenial of servicedevice managementdionaea honeypotdistributed attacksemerging threatsenterprise networkingeuropeexploitexploitation activityexploitation attemptsexploited hostfail2ban alertsfail2ban triggeredfailed login attemptsfattfranceftpftp brute forceftp brute-forcehackinghoneytrap honeypothttp brute forcehttp scannerhttpsidentity & access exploitationimapindiaindicatorinformation technologyinitial accessinitial-accessinjection activityinjection attacksintrusion detectioninvalid login attemptsiociot securityiot targetedip-addressipv4it infrastructurelamplamp server targetinglateral movementlcialog analysislogin attacklogin attemptlogin attemptsmailoney honeypotmalaysiamalicious activitymalicious loginmalicious script executionmalicious sftp activitymalicious softwaremalicious ssh activitymalwaremalware behaviourmalware capturemalware distributionnetworknetwork attacksnetwork discoverynetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork service scanningnetwork trafficnetwork traffic analysisnorth americanoticeoceaniap0fpassword attackpassword attackspassword sprayingphphilippinesphishingphishing attackphishing trapping of deathport-scanpossible intrusionprocess injectionprotocol exploitationpublicly accessible infrastructureransomwarerate limiting triggeredreconnaissanceremote accessremote servicesresearchedresource hijackingscanscannerscannersscanning activityscripting attackssecurity eventsecurity operationssecurity policysensor-taggedsentrypeer activitysentrypeer botnetserver securityservice exploitation attemptsservice scansftp access attemptsftp attacksftp exploitation attemptssingaporesip brute forcesip scanningsmtpsocial engineeringsocradar honeypotsoftware developmentspamsql-injectionsshssh attackssh monitoringsystem accesst-pott1016t1021t1021.001t1021.004t1040t1041t1046t1055t1059t1059.003t1059.004t1059.007t1071t1071.001t1076t1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1550t1563t1565t1566t1566.001t1566.002t1566.003t1567t1573t1588t1589t1590t1590.005t1595t1595.001t1595.002t1595.003tannertargeting databasetcp protocoltelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotudp port scanunauthorized accessunauthorized access attemptunauthorized access attemptsunauthorized login attemptunauthorized login attemptsunited kingdomunited statesurlsvoidtrapvoipvoip attackvpnvpn ipvulnerability scanvulnerability-scanweb app attackweb application attackweb attackweb exploitweb exploitationweb spamweb trafficweb-attack

Activity Timeline

1 total obs
May 30May 30

Threat Activity Heatmap

· Peak: 2026-05-30
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
66
SIGNAL
Signal Score
66%
Confidence
25
Reports
First seenOct 3, 2025
Last seenMay 30, 2026
GeolocationPH
CountryPhilippines
LocationManila, National Capital Region
ASNAS9658
OrgEastern Telecommunications Philippines, Inc
Coords14.5503, 121.0330
VPN

VirusTotal

Not checked

WHOIS

raw
inetnum: 116.50.128.0 - 116.50.255.255 netname: ETPI descr: Eastern Telecoms Philippines, Inc. descr: Telecoms Plaza descr: 316 Sen Gil Puyat Ave. descr: Salcedo Village descr: Makati City descr: 1200 country: PH org: ORG-ETPI1-AP admin-c: ETIN1-AP tech-c: ETIN1-AP tech-c: ETIN1-AP abuse-c: AE254-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-PH-ETPI mnt-irt: IRT-ET-PH last-modified: 2020-07-03T06:43:20Z source: APNIC irt: IRT-ET-PH address: 316 Sen. Gil Puyat Ave., Telecoms Plaza Blg., address: Salcedo Village, Makati City. e-mail: [email protected] abuse-mailbox: [email protected] admin-c: RV108-AP tech-c: ETIN1-AP auth: # Filtered remarks: [email protected] was validated on 2025-08-07 mnt-by: MAINT-PH-ETPI last-modified: 2025-09-04T01:01:09Z source: APNIC organisation: ORG-ETPI1-AP org-name: Eastern Telecommunications Philippines, Inc. org-type: LIR country: PH address: Telecoms Plaza Building address: 316 Sen. Gil J.Puyat Avenue address: Salcedo Village phone: +63-2-300-2426 fax-no: +63-2-300-2471 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:14:44Z source: APNIC role: ABUSE ETPH country: ZZ address: 316 Sen. Gil Puyat Ave., Telecoms Plaza Blg., address: Salcedo Village, Makati City. phone: +000000000 e-mail: [email protected] admin-c: RV108-AP tech-c: ETIN1-AP nic-hdl: AE254-AP remarks: Generated from irt object IRT-ET-PH remarks: [email protected] was validated on 2025-08-07 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-08-07T22:57:25Z source: APNIC role: Eastern Telecom IP Networks address: Telecom Plaza address: 316 Sen. Gil Puyat Ave, Makati City country: PH phone: +632-300-2426 fax-no: +632-300-2500 e-mail: [email protected] remarks: send spam and abuse reports to [email protected] remarks: Please include detailed information and remarks: times in UTC remarks: http://www.easterntelecom.com.ph admin-c: RV108-AP tech-c: ETIN1-AP nic-hdl: ETIN1-AP notify: [email protected] mnt-by: MAINT-PH-EASTERN-TELECOM last-modified: 2017-12-29T00:10:14Z source: APNIC route: 116.50.179.0/24 origin: AS9658 descr: Eastern Telecommunications Philippines, Inc. Telecoms Plaza Building 316 Sen. Gil J.Puyat Avenue Salcedo Village mnt-by: MAINT-PH-ETPI last-modified: 2024-03-25T00:44:36Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 8 months ago · Last seen 14 days ago
Appeared in 25 threat reports