IOC Radar
IP · Medium · Signal 65/100

154.79.248.158

Location: Kenya (Nairobi, Nairobi City)
ASN: AS36926 (Airtel KE Mobile & Fixed Internet)
First Seen: Jan 18, 2023 (1243d ago)
Last Seen: Jun 6, 2026 (9d ago)
Reports: 14 source reports
Confidence: 65% (medium)
VirusTotal: 3/91 detections
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 65%
Signal Score: 65 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs: 38 techniques

Network Information

Country: KE (Kenya)
Region: Nairobi, Nairobi City
ASN: AS36926
Organization: Airtel KE Mobile & Fixed Internet

Feed Intelligence Summary

14 source reports · 65% confidence score
Category tags:
abuse, access control, active scan, active scanning, adbhoney honeypot, africa, attack, attacking-ips, australia, authentication abuse, authentication attack, authentication brute force, bad reputation, botnet, botnet activity, botnet-activity, brute force, brute force attack, brute force attacks, brute force attempt, brute force attempts, brute-force, cisco brute force, cisco device, cisco exploit attempt, cisco exploitation attempt, command injection, communication protocol, compromised credentials, conpot honeypot, cowrie activity, cowrie honeypot, credential access, credential attack, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, database attacks, database exploitation attempt, database security, ddos, decoy system, denial of service, device management, dionaea activity, dionaea honeypot, dionaea malware analysis, dns, dns attack, elasticpot honeypot, elasticsearch monitoring, encryption, enterprise networking, exploit, exploitation activity, exploitation attempt, failed login, fatt, ftp, ftp brute force, ftp brute-force, hacking, heralding attack pattern, honeytrap honeypot, http scanner, ics security, identity & access exploitation, indicator, indicators-of-compromise, industrial control systems, initial access, injection activity, internet-facing, iot attacks, iot device targeting, iot security, iot/ics attack, ipphoney honeypot, ipv4, ipv4 attacks, ke, kenya, lamp, lamp vulnerability scan, lateral movement, login attack, mailoney activity, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, network, network activity, network enumeration, network infrastructure, network intrusion, network intrusion attempt, network intrusion attempts, network protocol, network reconnaissance, network scanning, network security, north america, oceania, opportunistic-attack, p0f, password attack, password attacks, phishing, phishing attack, phishing trap, port-scanning, process injection, protocol exploitation, python script activity, reconnaissance, redis honeypot, remote access, researched, resource hijacking, scanner, scanning activity, scripting attacks, security policy, sensor-tagged, sentrypeer activity, sentrypeer botnet, service scan, sftp access attempt, sftp attack, sftp exploit attempt, sip brute force, sip scanning, smtp, social engineering, spam, ssh attack, ssh brute-force, ssh monitoring, t-pot, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.007, t1071, t1071.001, t1077, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1555, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1588.004, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner activity, targeting database, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, threat-intelligence, tor node, tpot, unauthorized access, unauthorized login, united states, voip, voip attack, vulnerability scan, vulnerability-scanning, web app attack, web application attack, web application attacks, web attack, web exploitation, web traffic

Activity Timeline

1 total observation · Jun 6

Threat Activity Heatmap

Peak: 2026-06-06
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: 65 (Medium Risk)
Geolocation: KE (Kenya), Nairobi, Nairobi City
Coords: -1.2833, 36.8167

VirusTotal

3/91 vendors flagged
3% detection rate · Jun 7, 2026

IOC Journey

medium
First detected 3 years ago · Last seen 9 days ago
Appeared in 14 threat reports