IOC Radar
IPMediumSignal 71/100

41.219.180.83

Location
NigeriaNigeria
Lagos, LA
ASN
AS30998
SIL Chemicals Ltd
First Seen
Aug 18, 2024
Last Seen
Feb 27, 2026
Aug 18
First Seen
664d ago
Feb 27
Last Seen
105d ago
8
Reports
source reports
71%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Network Information

CountryNGNigeria
RegionLagos, LA
ASNAS30998
OrganizationSIL Chemicals Ltd

Feed Intelligence Summary

8 reports71% confidence
8
Source reports
71%
Confidence score
Category tags
abuseaccess controlactive scanningadbhoney attacksadbhoney honeypotafricaapplication layer protocolattackattack sourceaustraliaauthentication abuseauthentication attackauthentication failureauthentication_bypassautomated attackbotnetbrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptscisco devicecisco exploitationcisco exploitation attemptscisco ioscommand and controlcommand injectioncommunication protocolcompromised hostconnected devicesconpot honeypotcowrie honeypotcowrie ssh attackscowrie ssh honeypotcredential accesscredential attackcredential brute-forcecredential harvestingcredential stuffingcredential-attackdata encryptiondata exfiltrationdatabase attacksdatabase exploitation attemptdatabase securitydatabase-serviceddosdecoy systemdefault credential abusedenial of servicedevice managementdionaea honeypotdionaea malware collectiondistributed attacksdnselasticpot honeypotelasticsearch monitoringenterprise networkingexploitexploit attemptsexploitationexploitation attemptexploitation attemptsexploitation-attemptexploited hostfattftpftp attacksftp brute forceftp brute-forcehackinghoneytrap honeypothttp brute forcehttp scannerhttp/shttpsics securityics/scada protocolsindicatorindicators of compromiseindustrial control systemsindustrial iotinitial accessinjection attacksinternet of thingsinternet-facingiociot analyticsiot applicationsiot attacksiot device exploitationiot device targetingiot platformsiot securityiot/ics attackipphoney honeypotipv4ipv4 attacksipv4_addresslamplamp server attacklamp vulnerability scanlateral movementlinux serverlinux-serverlogin attackmailoney email attacksmailoney honeypotmalicious activitymalicious payload attemptmalicious softwaremalicious-activitymalwaremalware behaviourmalware capturemalware deliverymalware detectionmalware distributionmodbusmssqlnetworknetwork activitynetwork attacksnetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisnetwork-based attack attemptsnetwork-devicenetwork_service_exploitationnigeriaoceaniap0fpassword attackpassword attacksphishingphishing attackphishing trapport-scanprocess injectionprotocol exploitationrdp attacksreconnaissanceredis honeypotremote accessremote access attemptsremote serviceremote servicesremote_accessresearchedresource hijackingscadascannerscanning activityscripting attackssecurity policysensor-taggedsentrypeer botnetserver exploitationsftp attacksftp exploitationshell access attemptssip brute forcesip scanningsmart devicessmtpsmtp attackssocial engineeringspamsql injectionsql injection attemptssh attackssh attacksssh brute-forcessh monitoringt-pott1021t1021.001t1021.002t1021.004t1040t1041t1046t1055t1059t1059.003t1059.004t1059.007t1071t1071.001t1076t1077t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1195.001t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1505.002t1563t1565t1566.001t1566.002t1566.003t1566.004t1583.001t1588.004t1595t1595.001t1595.002t1595.003tannertanner web attackstcp protocoltelecommunicationstelnet attackstelnet threatthreat actorthreat detectionthreat intelligencethreat intelligence feedthreat preventiontpottpotceunauthorized loginvnc protocolvoipvoip attackweb application attackweb application attacksweb attackweb exploitationweb spamweb trafficweb-service

Activity Timeline

1 total obs
Feb 27Feb 27

Threat Activity Heatmap

· Peak: 2026-02-27
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
8
Reports
First seenAug 18, 2024
Last seenFeb 27, 2026
GeolocationNG
CountryNigeria
LocationLagos, LA
ASNAS30998
OrgSIL Chemicals Ltd
Coords6.4474, 3.3903

VirusTotal

Not checked

WHOIS

description
2025-03-05T21:04:34.900Z Honeypot : Heralding : Source: 41.219.180.83 : Username/Password: USER/admin06 Port: 1080 Message: 2025-03-05 21:04:34.900397,cd2f27d0-b110-4625-9cf9-bf92d5179004,7f7b218a-ab06-4717-aabd-7492f26fbf61,41.219.180.83,34067,99.18.26.19,1080,socks5,USER,admin06,
raw
inetnum: 41.219.180.80 - 41.219.180.87 netname: NGLANC1214 descr: SIL_Chemicals_Ltd_Deactivated country: NG admin-c: MKN2-AFRINIC tech-c: MKN2-AFRINIC status: ASSIGNED PA mnt-by: NAL-MNT source: AFRINIC # Filtered parent: 41.219.128.0 - 41.219.191.255 person: Michael Kenjie Nukui address: 6F SAPT #1 Adeola Odeku St., Victoria Island phone: tel:+234-803-638-2667 nic-hdl: MKN2-AFRINIC mnt-by: GENERATED-OX7EYOCCMVCR8QMNJ1SQE0GRATEPCHUQ-MNT source: AFRINIC # Filtered
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 8 threat reports