IOC Radar
IPMediumSignal 84/100

201.196.26.166

Location
Costa RicaCosta Rica
Alajuela, San Jose
ASN
AS11830
Tres Rios
First Seen
Jul 3, 2024
Last Seen
Feb 24, 2026
Jul 3
First Seen
709d ago
Feb 24
Last Seen
109d ago
11
Reports
source reports
84%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
84%
Signal Score
84 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

34 techniques

Network Information

CountryCRCosta Rica
RegionAlajuela, San Jose
ASNAS11830
OrganizationTres Rios

Feed Intelligence Summary

11 reports84% confidence
11
Source reports
84%
Confidence score
Category tags
abuseactive scanningattackbotnetbrute forcebrute force attackbrute force attackscommand and controlcommunication technologiescompromised hostscosta ricacowrie honeypotcredential accesscredential stuffingdata exfiltrationddosddos attacksdecoy systemdenial of servicedionaea honeypotdistributed attacksexploit attemptsftp brute forcehackinghoneytrap honeypothttp brute forceindicatorinternet of thingsiot botnetiot/ics attacklamplateral movementmalicious activitymalicious softwaremalicious trafficmalwaremalware behaviourmalware capturemalware distributionmalware propagationmalware scanningmalware-related botnet activitymirai botnetmobile carriersmobile networksnetworknetwork probingnetwork scanningnetwork securitypassword attackspossible botnet infectionprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedrtbhscannersftp attacksmtp brute forcesocradar honeypotsql injection attemptsssh attackssh monitoringt1018t1021t1021.001t1040t1041t1046t1055t1059t1071t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1204.002t1210t1486t1496t1499.002t1499.003t1563t1565t1588t1595t1595.001t1595.002t1595.003tcp/23telecom servicestelecommunicationstelnet threatthreat actorthreat detectionthreat intelligence

Activity Timeline

1 total obs
Feb 24Feb 24

Threat Activity Heatmap

· Peak: 2026-02-24
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
84
SIGNAL
Signal Score
84%
Confidence
11
Reports
First seenJul 3, 2024
Last seenFeb 24, 2026
GeolocationCR
CountryCosta Rica
LocationAlajuela, San Jose
ASNAS11830
OrgTres Rios
Coords9.9333, -84.0833

VirusTotal

Not checked

WHOIS

raw
inetnum: 201.196.26.0/23 status: reallocated aut-num: AS202 aut-num: AS203 aut-num: AS11830 aut-num: AS3356 owner: TRES RIOS ownerid: CR-TRRI-LACNIC responsible: Desarrollo de la red ICE address: 100032, 1, 1 address: 1 - Oeste - country: CR phone: +506 22207465 owner-c: REJ tech-c: REJ abuse-c: REJ created: 20080901 changed: 20080901 inetnum-up: 201.192.0.0/12 nic-hdl: REJ person: Disenno y Transporte, ICE e-mail: [email protected] address: 10032-1000 San José, Costa Rica, 10032, San José address: 10032-100 - San José - cr country: CR phone: +506 20001123 [0000] created: 20041004 changed: 20220224
references
https://list.rtbh.com.tr/output.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 11 threat reports