Sign In

IP Intelligence

IP Intelligence data on potentially vulnerable systems, attacker command & control infrastructure (C2), honeypots, and more.
Schedule A Demo
GET /v3/index/ipintel-3d?id=initial-access&country=Kenya
    [
  {
    "ip": "197.248.210.223",
    "port": 3013,
    "ssl": false,
    "lastSeen": "2025-10-10T02:12:29.637398",
    "asn": "AS37061",
    "country": "Kenya",
    "country_code": "KE",
    "city": "Nairobi",
    "cve": [
      "CVE-2017-17215"
    ],
    "matches": [
      "Huawei EchoLife HG532 UPNP Command Injection"
    ],
    "hostnames": [
      "197-248-210-223.safaricombusiness.co.ke"
    ],
    "type": {
      "id": "initial-access",
      "kind": "",
      "finding": "potentially vulnerable"
    },
    "feed_ids": [
      "ec6e3e94-a897-4152-8c16-74983e4a39fd"
    ],
    "_timestamp": "2025-10-10T12:42:37.741942759Z"
  },
  {
    "ip": "41.212.56.92",
    "port": 20440,
    "ssl": false,
    "lastSeen": "2025-10-10T01:49:48.441992",
    "asn": "AS15399",
    "country": "Kenya",
    "country_code": "KE",
    "city": "Mombasa",
    "cve": [
      "CVE-2017-17215"
    ],
    "matches": [
      "Huawei EchoLife HG532 UPNP Command Injection"
    ],
    "hostnames": [
      "41.212.56.92.wananchi.com"
    ],
    "type": {
      "id": "initial-access",
      "kind": "",
      "finding": "potentially vulnerable"
    },
    "feed_ids": [
      "ec6e3e94-a897-4152-8c16-74983e4a39fd"
    ],
    "_timestamp": "2025-10-10T12:44:12.548104209Z"
  },
  {
    "ip": "41.212.56.92",
    "port": 46443,
    "ssl": false,
    "lastSeen": "2025-10-10T01:45:15.976491",
    "asn": "AS15399",
    "country": "Kenya",
    "country_code": "KE",
    "city": "Mombasa",
    "cve": [
      "CVE-2017-17215"
    ],
    "matches": [
      "Huawei EchoLife HG532 UPNP Command Injection"
    ],
    "hostnames": [
      "41.212.56.92.wananchi.com"
    ],
    "type": {
      "id": "initial-access",
      "kind": "",
      "finding": "potentially vulnerable"
    },
    "feed_ids": [
      "ec6e3e94-a897-4152-8c16-74983e4a39fd"
    ],
    "_timestamp": "2025-10-10T12:42:41.816303689Z"
  }
]
VulnCheck Platform

Why VulnCheck IP Intelligence

  • Focused on What Matters
    Unlike other IP Intelligence feeds, VulnCheck IP Intelligence focuses on potentially vulnerable systems, attacker command & control (C2) infrastructure, and honeypots.
  • Exclusively Threat Focused
    Emerging threats lead to breached systems. VulnCheck IP Intelligence helps organizations block attacker infrastructure and quickly find vulnerable systems.
  • Command and Control (C2)
    Live tracking of attacker command & control (C2) infrastructure allows organizations to hunt new and unknown threat actor campaigns, as well as implement dynamic block lists at the firewall automatically.
  • Historic Data Available
    VulnCheck IP Intelligence includes data from the past 3 days (what's live on the Internet currently), past 10 days, past 30 days, & the past 90 days, giving teams the ability to hunt historic IP data.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.
  • Vulnerability Prioritization
    Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
  • Early Warning System
    Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.
Schedule a Demo