IOC Radar
IPMediumSignal 79/100

102.69.239.225

Location
KenyaKenya
Nairobi, Nairobi County
ASN
AS328465
Integrated Payment Services Limited
First Seen
Mar 24, 2026
Last Seen
May 27, 2026
Mar 24
First Seen
81d ago
May 27
Last Seen
17d ago
18
Reports
source reports
79%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
79%
Signal Score
79 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryKEKenya
RegionNairobi, Nairobi County
ASNAS328465
OrganizationIntegrated Payment Services Limited

Feed Intelligence Summary

18 reports79% confidence
18
Source reports
79%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningafricaaggressive-detectionapacheapache attackeraptattackbad reputationblocklist_allbrute forcebrute force attackbrute force attackerbrute-forcebruteforceconnection-resetcowriecredential accesscredential stuffingddosddos attackdenial of servicedigital oceanexploitexploitation activityexploited hostexport-to-otxhackinghoneypot 24h activityidentity & access exploitationindicatorkekenyamalicious activitymalwaremispnetworkpassword attacksping of deathportscanprotocol-probingransomwarereconnaissanceresearchedscannerscannerssecurity policyservice scansocradar honeypotsshssh attackssh bruteforcet1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003threat actorthreat preventionthreat-inteltor nodetpotvulnerability scanvulnerability-exploitationvultrweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
May 27May 27

Threat Activity Heatmap

· Peak: 2026-05-27
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
79
SIGNAL
Signal Score
79%
Confidence
18
Reports
First seenMar 24, 2026
Last seenMay 27, 2026
GeolocationKE
CountryKenya
LocationNairobi, Nairobi County
ASNAS328465
OrgIntegrated Payment Services Limited
Coords1.0000, 38.0000

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://jamesbrine.com.au/digitaloceantoronto-ssh-bruteforce-ip-list-2026-04-18/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-18/, https://jamesbrine.com.au/vultrparis-ssh-bruteforce-ip-list-2026-04-18/, https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-16/, https://jamesbrine.com.au/vultrparis-ssh-bruteforce-ip-list-2026-04-16/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 17 days ago
Appeared in 18 threat reports