IOC Radar
IP · Medium · Signal 28/100

196.251.80.150

Location: Seychelles (Victoria, La Rivière Anglaise)
First Seen: Mar 12, 2025 (466d ago)
Last Seen: Apr 7, 2026 (75d ago)
Reports: 17 source reports
Confidence: 28% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 28%
Signal Score: 28 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

28 techniques

Network Information

Country: Seychelles (SC)
Region: Victoria, La Rivière Anglaise
Organization: 4445 Corporation

Feed Intelligence Summary

17 reports · 28% confidence
Category tags
abuse, access control, active scan, active scanning, africa, attack, australia, bad reputation, bad web bot, botnet, botnet activity, brute force, brute force attack, brute-forc, command and control, communication protocol, compromised credentials, cowrie honeypot, credential access, credential stuffing, data exfiltration, data store exposure, decoy system, distributed attacks, exploitation activity, hacking, identity & access exploitation, indicator, info, initial access, injection activity, ipv4, malicious activity, malicious software, malware, netherlands, network, network intrusion, network probing, network scan, network scanning, network security, nigeria, nl, notice, oceania, password attacks, potential vulnerability exploitation, process injection, reconnaissance, researched, sc, scan, scanner, scanning activity, security policy, seychelles, sftp attack, ssh attack, ssh monitoring, t1018, t1021.001, t1021.003, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1583, t1595, t1595.001, t1595.002, t1595.003, telecommunications, threat actor, threat prevention, tor node, tpotce, voip, vulnerability scan

Activity Timeline

1 total observation (Apr 7)

Threat Activity Heatmap

Peak: 2026-04-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Coords: 10.0000, 8.0000

VirusTotal

Not checked

WHOIS

description: IPV4 hosts detected performing scans on production environment located in Australia.

raw:

inetnum: 196.251.80.0 - 196.251.80.255
netname: internet-secuirty-cheapyhost
descr: internet-security-cheapyhost
country: SC
admin-c: SOV14-AFRINIC
tech-c: CHY12-AFRINIC
status: ASSIGNED PA
remarks: https://geofeed.african.lat/ipv4.csv
mnt-by: SIL3-MNT
source: AFRINIC # Filtered
parent: 196.251.64.0 - 196.251.127.255

role: External Abuse Team cheapy.host
address: 4445 Corporation Ln. STE 264
phone: tel:+1-434-202-3662
abuse-mailbox: [email protected]
nic-hdl: CHY12-AFRINIC
admin-c: QS12-AFRINIC
tech-c: QS12-AFRINIC
mnt-by: SIL3-MNT
source: AFRINIC # Filtered

person: Lucas Cunha Oliveira
address: 4445 Corporation Ln. STE 264 Virginia Beach, VA 23462 USA
phone: tel:+1-938-204-9112
abuse-mailbox: [email protected]
nic-hdl: SOV14-AFRINIC
source: AFRINIC # Filtered
mnt-by: GENERATED-X8GLGVCSKVBKS3ADFG76SMW3PTHVYDJK-MNT

route: 196.251.80.0/24
descr: internet-security-cheapyhost
origin: AS401120
mnt-by: SIL3-MNT
source: AFRINIC # Filtered

references: https://redpiranha.net, https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 17 threat reports