IP · Medium · Signal 77/100
186.94.181.181
Location
Caracas, Distrito Federal
ASN
AS8048
CANTV Servicios, Venezuela
First Seen
Jun 30, 2025
Last Seen
Feb 6, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
77%
Signal Score
77 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
Venezuela, Bolivarian Republic of
Region
Caracas, Distrito Federal
ASN
AS8048
Organization
CANTV Servicios, Venezuela
Feed Intelligence Summary
10 reports · 77% confidence
10
Source reports
77%
Confidence score
Category tags
abuse · access control · active scanning · attack · botnet · botnet activity detected · brute force · brute force attack · brute force attacks · brute force attempt · c2 · c2 communication · command and control · communication protocol · compromised credentials attempt · compromised hosts · cowrie honeypot · credential access · credential stuffing · data exfiltration · data exfiltration attempt · ddos attacks · ddos preparation · decoy system · dictionary attack · dionaea honeypot · distributed attacks · enumeration · exploit attempts · exploitation · failed login attempts · ftp brute force · honeytrap honeypot · http scanning · https scanning · indicator · initial access · internet of things · intrusion detection · ioc · iot botnet · iot/ics attack · lamp · lamp exploit attempts · lamp exploitation attempt · lateral movement · malicious activity · malicious payload attempt · malicious software · malware · malware behaviour · malware capture · malware distribution · mirai botnet · network · network attacks · network enumeration · network intrusion · network scanning · network security · network service scanning · north america · password attacks · password spraying · potential malware distribution · potential malware upload · process injection · protocol exploitation · proxy activity · reconnaissance · remote access · researched · scan · scanner · security policy · sftp activity · sftp attack · shell · smtp scanning · south america · ssh attack · ssh monitoring · t1003 · t1005 · t1016 · t1018 · t1021 · t1021.001 · t1021.002 · t1021.004 · t1040 · t1041 · t1043 · t1046 · t1047 · t1053 · t1053.005 · t1055 · t1056 · t1059 · t1059.004 · t1059.005 · t1059.007 · t1071 · t1071.001 · t1071.002 · t1071.004 · t1078 · t1078.001 · t1083 · t1090 · t1090.001 · t1090.002 · t1090.003 · t1110 · t1110.001 · t1110.002 · t1110.003 · t1110.004 · t1133 · t1190 · t1199 · t1203 · t1204.002 · t1486 · t1496 · t1497 · t1499.001 · t1499.002 · t1499.003 · t1550 · t1552 · t1555 · t1556 · t1565 · t1566 · t1566.001 · t1573 · t1595 · t1595.001 · t1595.002 · t1595.003 · tcp protocol · tcp/23 · telnet threat · threat actor · threat detection · threat intelligence · threat prevention · unauthorized access attempt · united states · venezuela, bolivarian republic of
Activity Timeline
Feb 6
Threat Activity Heatmap
Peak: 2026-02-06
24h
0 (Dormant)
7d
0 (Dormant)
30d
0 (Dormant)
3mo
0 (Dormant)
Threat Score
High Risk
Signal Score
77
Confidence
77%
Reports
10
First seen
Jun 30, 2025
Last seen
Feb 6, 2026
Geolocation
VE
Country
Venezuela, Bolivarian Republic of
Location
Caracas, Distrito Federal
ASN
AS8048
Org
CANTV Servicios, Venezuela
Coords
10.6533, -71.6512
VirusTotal
Not checked
WHOIS
- description
- dionaea, heralding, malicious, ssh, sftp, cowrie, LAMP, honeytrap
- raw
  inetnum: 186.88.0.0/13
  status: allocated
  aut-num: N/A
  owner: CANTV Servicios, Venezuela
  ownerid: VE-CSVE-LACNIC
  responsible: CANTV GSR
  address: Segunda Avenida de los Palos Grandes, 000, Entre Av. Fr
  address: 1060 - Caracas - MI
  country: VE
  phone: +58 2095685 [0000]
  owner-c: LUM
  tech-c: LUM
  abuse-c: LUM
  inetrev: 186.88.0.0/13
  nserver: NS1.CANTV.NET
  nsstat: 20250901 AA
  nslastaa: 20250901
  nserver: NS2.CANTV.NET
  nsstat: 20250901 AA
  nslastaa: 20250901
  nserver: DNS1.CANTV.NET
  nsstat: 20250901 AA
  nslastaa: 20250901
  nserver: DNS2.CANTV.NET
  nsstat: 20250901 AA
  nslastaa: 20250901
  created: 20091118
  changed: 20091118
  nic-hdl: LUM
  person: Ger Sop
  e-mail: [email protected]
  address: CANTV COR Los Palos Grandes Chacao Caracas Venezuela, 000, -
  address: 1060 - Caracas - MI
  country: VE
  phone: +58 02125000000 [0000]
  created: 20020911
  changed: 20240809
- references
- https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
IOC Journey
medium · First detected 1 year ago · Last seen 4 months ago
Appeared in 10 threat reports