IOC Radar
IP · Medium · Signal 73/100

102.22.20.125

Location: Accra, Greater Accra, Ghana
ASN: AS37350 (Dimension Data Ltd)
First Seen: Oct 6, 2025 (263d ago)
Last Seen: Jun 7, 2026 (20d ago)
Reports: 22 source reports
Confidence: 73% (medium)
Found in 22 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 73%
Signal Score: 73 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

66 techniques

Network Information

Country: GH (Ghana)
Region: Accra, Greater Accra
ASN: AS37350
Organization: Dimension Data Ltd

IP Category

VPN
VPN exit node

Feed Intelligence Summary

22 source reports · 73% confidence score

Activity Timeline

1 total obs
Jun 7 to Jun 7

Threat Activity Heatmap

[Heatmap: daily activity, Jun through Jun, scale Less to More. Peak: 2026-06-07]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 73
Confidence: 73%
Reports: 22
First seen: Oct 6, 2025
Last seen: Jun 7, 2026
Geolocation: GH
Country: Ghana
Location: Accra, Greater Accra
ASN: AS37350
Org: Dimension Data Ltd
Coords: 5.6037, -0.1870
VPN

VirusTotal

Not checked


IOC Journey

medium
First detected 8 months ago · Last seen 20 days ago
Appeared in 22 threat reports