IOC Radar
IPMediumSignal 66/100

79.161.216.160

Location
NorwayNorway
Skien, Rogaland
ASN
AS29695
Altibox
First Seen
Apr 15, 2026
Last Seen
May 1, 2026
Apr 15
First Seen
59d ago
May 1
Last Seen
44d ago
8
Reports
source reports
66%
Confidence
medium
9/91
VirusTotal
detections
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
66%
Signal Score
66 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryNONorway
RegionSkien, Rogaland
ASNAS29695
OrganizationAltibox

Feed Intelligence Summary

8 reports66% confidence
8
Source reports
66%
Confidence score
Category tags
active scanaptbrute forcebrute-forcebruteforceeuropeindicatornetworknonorwayresearchedscannersshthreat actortor node

Activity Timeline

1 total obs
May 1May 1

Threat Activity Heatmap

· Peak: 2026-05-01
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address, holds significant concern given its high threat score and non-whitelisted status, indicating a high likelihood of malicious or undesirable activity. Its presence in multiple prominent threat intelligence feeds, including those specifically identifying potential attackers and botnet lists, suggests it is actively involved in cyber hostile operations. If this IOC is observed communicating within our network, it could signal an active compromise,…

Threat ScoreMedium Risk
66
SIGNAL
Signal Score
66%
Confidence
8
Reports
First seenApr 15, 2026
Last seenMay 1, 2026
GeolocationNO
CountryNorway
LocationSkien, Rogaland
ASNAS29695
OrgAltibox
Coords58.9700, 5.7331

VirusTotal

9/ 91vendors flagged
10% detection rateJun 3, 2026

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 79.161.216.128 - 79.161.216.191 netname: NO-LYSE-CUSTOMER-RESIDENTIAL-LINKNETS descr: Altibox Residential Customer Linknets remarks: INFRA-AW country: NO admin-c: LYSE1-RIPE tech-c: LYSE1-RIPE status: ASSIGNED PA mnt-by: LYSE-MNT created: 2012-02-15T14:46:09Z last-modified: 2012-02-15T14:46:09Z source: RIPE # Filtered role: Altibox role Object address: Altibox AS address: Postboks 8124 address: NO-4069 Stavanger address: Norway phone: +47 5190 8000 fax-no: +47 5190 8001 admin-c: RA1765-RIPE tech-c: DAK29-RIPE tech-c: RA1765-RIPE tech-c: MBH17-RIPE tech-c: ES8317-RIPE nic-hdl: LYSE1-RIPE mnt-by: LYSE-MNT abuse-mailbox: [email protected] created: 2002-11-01T11:09:39Z last-modified: 2014-12-12T11:04:48Z source: RIPE # Filtered route: 79.160.0.0/15 descr: Altibox AS origin: AS29695 mnt-lower: LYSE-MNT mnt-routes: LYSE-MNT mnt-by: LYSE-MNT created: 2007-06-19T21:21:46Z last-modified: 2015-05-20T14:39:28Z source: RIPE # Filtered

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 month ago · Last seen 1 month ago
Appeared in 8 threat reports