IOC Radar
IPMediumSignal 42/100

200.107.37.114

Location
EcuadorEcuador
Guayaquil, Guayas
ASN
AS28006
Corporacion Nacional De Telecomunicaciones - CNT EP
First Seen
Jan 20, 2021
Last Seen
May 1, 2026
Jan 20
First Seen
1969d ago
May 1
Last Seen
43d ago
6
Reports
source reports
42%
Confidence
medium
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
42%
Signal Score
42 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Network Information

CountryECEcuador
RegionGuayaquil, Guayas
ASNAS28006
OrganizationCorporacion Nacional De Telecomunicaciones - CNT EP

Feed Intelligence Summary

6 reports42% confidence
6
Source reports
42%
Confidence score
Category tags
active scanactive scanningadbhoney honeypotattackaustraliaauthentication attemptsbotnetbotnet activitybrute forcebrute force attackbrute force attackscisco devicecommand and controlcommunication protocolconpot honeypotcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase attackdatabase attacksdatabase exploitation attemptdatabase securitydecoy systemdevice managementdionaea honeypotecelasticpot honeypotelasticsearch monitoringenterprise networkingexploitexploitation activityexploited hostexternal threatfattftp brute forceftp brute-forcehoneytrap honeypothttp brute forceics securityidentity & access exploitationindicatorindustrial control systemsinitial accessintrusion detectioniociot attacksiot device targetingiot securityiot/ics attackipphoney honeypotlamplateral movementmailoney honeypotmalicious activitymalwaremalware behaviourmalware capturenetworknetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork scanningnetwork securityoceaniap0fpassword attacksphishingphishing attackphishing trapprotocol exploitationreconnaissanceredis honeypotremote loginresearchedresource hijackingscannerscripting attackssensor-taggedsentrypeer botnetsftp attacksip brute forcesip scanningsmtp brute forcesocial engineeringssh attackssh brute-forcessh monitoringt1021t1021.001t1040t1041t1059t1059.007t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1496t1499.001t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotvoipvoip attackweb application attacksweb attackweb exploitation

Activity Timeline

1 total obs
May 1May 1

Threat Activity Heatmap

· Peak: 2026-05-01
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
42
SIGNAL
Signal Score
42%
Confidence
6
Reports
First seenJan 20, 2021
Last seenMay 1, 2026
GeolocationEC
CountryEcuador
LocationGuayaquil, Guayas
ASNAS28006
OrgCorporacion Nacional De Telecomunicaciones - CNT EP
Coords-2.2038, -79.8819

VirusTotal

Not checked

WHOIS

raw
Socket not responding: [Errno 111] Connection refused

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 1 month ago
Appeared in 6 threat reports