IOC Radar
IPMediumSignal 51/100

68.168.118.2

Location
CanadaCanada
Montreal, Quebec
ASN
AS36666
GloboTech Communications
First Seen
Feb 11, 2025
Last Seen
Jun 13, 2026
Feb 11
First Seen
495d ago
Jun 13
Last Seen
8d ago
10
Reports
source reports
51%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Network Information

CountryCACanada
RegionMontreal, Quebec
ASNAS36666
OrganizationGloboTech Communications

Feed Intelligence Summary

10 reports51% confidence
10
Source reports
51%
Confidence score
Category tags
abuseaptapt groupbad reputationbanking trojanbec attackbec phishingbotnetbotnet activitybrute forcec2c2 communicationcacanadacommand & controlcommand and controlcompromised websitescredential harvestingcredential phishingcredential stuffingcredential theftcyber threatsdata encryptiondata exfiltrationdata store exposuredistributed attacksencryptionexploitation activityextortionfinancefinancial serviceshas expiredidentity & access exploitationindicatorinjection activityioclatestlink manipulationlink phishingmalicious attachmentmalicious softwaremalwaremalware deliverymalware distributionnetworknorth americaphishingphishing attackphishing attemptphishing campaignproceedprocess injectionransomwareresearchedsocial engineeringsolar spider groupspamspam campaignspear phishing attacksystem disruptiont1055t1071t1071.001t1078t1083t1189t1192t1204.002t1486t1490t1496t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1573t1573.001t1573.002t1598t1598.003t1598.004threat actortor nodeturkeywhaling attack

Activity Timeline

1 total obs
Jun 13Jun 13

Threat Activity Heatmap

· Peak: 2026-06-13
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
10
Reports
First seenFeb 11, 2025
Last seenJun 13, 2026
GeolocationCA
CountryCanada
LocationMontreal, Quebec
ASNAS36666
OrgGloboTech Communications
Coords43.6319, -79.3716

VirusTotal

Not checked

WHOIS

description
CC=CA ASN=AS36666 globotech communications
raw
NetRange: 68.168.112.0 - 68.168.127.255 CIDR: 68.168.112.0/20 NetName: GTCOMM NetHandle: NET-68-168-112-0-1 Parent: NET68 (NET-68-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: GloboTech Communications (GLOBO) RegDate: 2009-02-19 Updated: 2014-08-07 Comment: www.gtcomm.net Ref: https://rdap.arin.net/registry/ip/68.168.112.0 OrgName: GloboTech Communications OrgId: GLOBO Address: 3195 chemin Bedford, unite D City: Montreal StateProv: QC PostalCode: H3S 1G3 Country: CA RegDate: 2003-01-11 Updated: 2024-11-25 Comment: Please send abuse complaints to [email protected] Comment: http://www.globo.tech Ref: https://rdap.arin.net/registry/entity/GLOBO OrgNOCHandle: GNO-ARIN OrgNOCName: GloboTech Network Operations Center OrgNOCPhone: +1-514-907-0050 OrgNOCEmail: [email protected] OrgNOCRef: https://rdap.arin.net/registry/entity/GNO-ARIN OrgTechHandle: PQU-ARIN OrgTechName: Quimper, Pierre-Luc OrgTechPhone: +1-514-907-0750 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/PQU-ARIN OrgTechHandle: TCG2-ARIN OrgTechName: Technical Contact GloboTech OrgTechPhone: +1-514-907-0050 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/TCG2-ARIN OrgAbuseHandle: ABUSE4826-ARIN OrgAbuseName: Abuse Coordinator OrgAbusePhone: +1-514-907-0050 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE4826-ARIN RNOCHandle: GNO-ARIN RNOCName: GloboTech Network Operations Center RNOCPhone: +1-514-907-0050 RNOCEmail: [email protected] RNOCRef: https://rdap.arin.net/registry/entity/GNO-ARIN RAbuseHandle: ABUSE4826-ARIN RAbuseName: Abuse Coordinator RAbusePhone: +1-514-907-0050 RAbuseEmail: [email protected] RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE4826-ARIN RTechHandle: GNO-ARIN RTechName: GloboTech Network Operations Center RTechPhone: +1-514-907-0050 RTechEmail: [email protected] RTechRef: https://rdap.arin.net/registry/entity/GNO-ARIN
references
Cyber Threat Advisory - Solar Spider Targets Indian and Middle Eastern Banks.pdf, https://threatfox.abuse.ch/export/csv/recent/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 8 days ago
Appeared in 10 threat reports