IP Intelligence

IP Intelligence data on potentially vulnerable systems, attacker command & control infrastructure (C2), honeypots, and more.
GET /v3/index/ipintel-3d?id=initial-access&country=Kenya
{
  "_meta": {
    "timestamp": "2024-05-31T16:24:26.652434716Z",
    "index": "ipintel-3d"
  },
  "data": [
    {
      "ip": "41.60.234.236",
      "port": 80,
      "ssl": false,
      "lastSeen": "2024-05-29T17:07:36.112496",
      "asn": "AS30844",
      "country": "Kenya",
      "country_code": "KE",
      "city": "Nairobi",
      "cve": [
        "CVE-2023-30799"
      ],
      "matches": [
        "Mikrotik RouterOS FoisHandler Code Execution (mipsbe)"
      ],
      "hostnames": [],
      "type": {
        "id": "initial-access",
        "finding": "potentially vulnerable"
      },
      "feed_ids": [
        "80597145-be58-4754-b96a-fd0afa199657"
      ],
      "_timestamp": "2024-05-31T10:59:07.093811Z"
    },
    {
      "ip": "41.72.199.244",
      "port": 80,
      "ssl": false,
      "lastSeen": "2024-05-30T00:04:20.804833",
      "asn": "AS30844",
      "country": "Kenya",
      "country_code": "KE",
      "city": "Nairobi",
      "cve": [
        "CVE-2023-30799"
      ],
      "matches": [
        "Mikrotik RouterOS FoisHandler Code Execution (mipsbe)"
      ],
      "hostnames": [
        "41.72.199.244.liquidtelecom.net"
      ],
      "type": {
        "id": "initial-access",
        "finding": "potentially vulnerable"
      },
      "feed_ids": [
        "80597145-be58-4754-b96a-fd0afa199657"
      ],
      "_timestamp": "2024-05-31T10:55:26.690585Z"
    },
    {
      "ip": "41.222.9.14",
      "port": 80,
      "ssl": false,
      "lastSeen": "2024-05-29T16:10:29.939581",
      "asn": "AS36866",
      "country": "Kenya",
      "country_code": "KE",
      "city": "Nairobi",
      "cve": [
        "CVE-2023-30799"
      ],
      "matches": [
        "Mikrotik RouterOS FoisHandler Code Execution (mipsbe)"
      ],
      "hostnames": [],
      "type": {
        "id": "initial-access",
        "finding": "potentially vulnerable"
      },
      "feed_ids": [
        "80597145-be58-4754-b96a-fd0afa199657"
      ],
      "_timestamp": "2024-05-31T10:48:54.36694Z"
    },
    {
      "ip": "41.60.235.65",
      "port": 80,
      "ssl": false,
      "lastSeen": "2024-05-28T03:05:34.651439",
      "asn": "AS30844",
      "country": "Kenya",
      "country_code": "KE",
      "city": "Nairobi",
      "cve": [
        "CVE-2023-30799"
      ],
      "matches": [
        "Mikrotik RouterOS FoisHandler Code Execution (mipsbe)"
      ],
      "hostnames": [],
      "type": {
        "id": "initial-access",
        "finding": "potentially vulnerable"
      },
      "feed_ids": [
        "80597145-be58-4754-b96a-fd0afa199657"
      ],
      "_timestamp": "2024-05-31T10:54:33.208194Z"
    }
  ]
}

Why VulnCheck IP Intelligence

  • Focused on What Matters
    Unlike other IP Intelligence feeds, VulnCheck IP Intelligence focuses on potentially vulnerable systems, attacker command & control (C2) infrastructure, and honeypots.
  • Exclusively Threat Focused
    Emerging threats lead to breached systems. VulnCheck IP Intelligence helps organizations block attacker infrastructure and quickly find vulnerable systems.
  • Command and Control (C2)
    Live tracking of attacker command & control (C2) infrastructure lets organizations hunt for new and unknown threat actor campaigns and automatically implement dynamic block lists at the firewall.
  • Historic Data Available
    VulnCheck IP Intelligence includes data from the past 3 days (what is currently live on the Internet), the past 10 days, the past 30 days, and the past 90 days, giving teams the ability to hunt through historic IP data.

Ready to Get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and
  • Vulnerability Prioritization
    Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
  • Early Warning System
    Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.