IOC Radar
IP · Medium · Signal 71/100

103.132.243.250

Location
India
Bhubaneswar, Odisha
ASN
AS45117
Netset Media Services Private Limited
First Seen
Mar 31, 2025 (440d ago)
Last Seen
Jun 9, 2026 (6d ago)
Reports
27 source reports
Confidence
71% (medium)
VirusTotal
13/91 detections
Found in 27 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

58 techniques

Network Information

Country: India (IN)
Region: Bhubaneswar, Odisha
ASN: AS45117
Organization: Netset Media Services Private Limited

Feed Intelligence Summary

27 source reports · 71% confidence score
Category tags
abuse, access attempts, access control, account brute force, active scan, active scanning, aggressive-detection, apache, apache attacker, apt, asia, attack, attack detection, australia, authentication, authentication abuse, authentication attack, authentication attacks, authentication attempts, authentication failures, authentication_bypass, automated attack, automated threat,
bad reputation, bad web bot, blacklisted ip, blocklist_all, blog spam, botnet, botnet activity, brute force, brute force attack, brute force attacker, brute force attacks, brute force attempt, brute force attempts, brute-force, bruteforce,
c2 communication, cisco device, cisco exploitation attempt, cisco exploitation attempts, civil services, command & control, command and control, communication protocol, compromised credentials, compromised host, connection-reset, cowrie, cowrie data, cowrie honeypot, credential access, credential guessing, credential harvesting, credential stuffing,
data exfiltration, data store exposure, database security, ddos, ddos attack, ddos attacks, decoy system, denial of service, device management, dictionary attack, digital ocean, dionaea honeypot, distributed attacks,
emerging threats, enterprise networking, enumeration, europe, exfiltration, exploit, exploit attempts, exploit scan, exploitation, exploitation activity, exploitation attempts, exploited host, external ip,
fail2ban alert, fail2ban blocked ip, fail2ban triggered, failed authentication, failed login, failed login attempts, fatt, finland, firewall logs, ftp, ftp attacks, ftp brute force, ftp brute-force,
government technology, hacking, honeytrap honeypot, http brute force, http scanner,
identity & access exploitation, in, india, indicator, indicators of compromise, information technology, initial access, injection activity, injection attacks, ioc, iot security, iot targeted, ipv4, ipv4_address, it infrastructure,
kill-chain exploitation, kill-chain reconnaissance, lamp, lamp server targeting, lateral movement, linux systems, login attack, login attempt, login attempts, login brute force, login brute-force, login failure, low-risk,
mailoney honeypot, malaysia, malicious activity, malicious ip addresses, malicious login, malicious payload, malicious script execution, malicious sftp activity, malicious software, malicious ssh activity, malware, malware behaviour, malware capture, malware delivery, malware detection, malware distribution,
network, network attacks, network infrastructure, network intrusion, network intrusion attempts, network intrusion detection, network probing, network protocol, network reconnaissance, network scanning, network security, network service scanning, network sniffing, network traffic analysis, network-based attack attempts, network_service_exploitation, notice,
oceania, opencanary, opencti, osint, p0f, password attack, password attacks, password cracking, password spraying, phishing, phishing attack, phishing trap, ping of death, potential malware upload, process injection, protocol exploitation, protocol-probing, public administration, public infrastructure, public policy,
ransomware, raspberry-pi, rdp attacks, reconnaissance, regulatory agencies, remote access, remote service exploitation, remote services, remote_access, researched, resource hijacking,
scan, scanner, scanners, scanning activity, security operations, security policy, sensor-tagged, sentrypeer activity, sentrypeer botnet, server exploitation, service enumeration, service scan, service scanning, sftp access attempt, sftp attack, sip brute force, sip scanning, smtp, smtp attacks, social engineering, socradar honeypot, software development, spam, sql injection, ssh, ssh attack, ssh attacks, ssh brute-force activity, ssh monitoring, syn scan, system access,
t-pot, t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.004, t1071, t1071.001, t1076, t1078, t1078.001, t1078.002, t1078.003, t1078.004, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1497, t1499.001, t1499.002, t1499.003, t1505.002, t1550, t1555, t1563, t1565, t1566.001, t1566.002, t1566.003, t1573, t1573.001, t1583, t1588, t1588.002, t1588.004, t1589, t1589.002, t1592, t1595, t1595.001, t1595.002, t1595.003,
tanner, targeting database, tcp protocol, tcp scan, telecommunications, telnet attacks, telnet threat, threat actor, threat detection, threat intelligence, threat intelligence feed, threat prevention, tor node, tpot, tpotce,
udp scan, unauthorized access, unauthorized access attempt, unauthorized login, unauthorized login attempt, united kingdom, valid accounts, vnc protocol, voip, voip attack, vulnerability scan, vulnerability-exploitation, vultr,
web app attack, web application attack, web exploitation, web exploits, web servers, web spam, web traffic

Activity Timeline

1 total obs · Jun 9

Threat Activity Heatmap

Peak: 2026-06-09
[Heatmap: activity by weekday, Jun through Jun, scale Less to More]
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 71
Confidence: 71%
Reports: 27
First seen: Mar 31, 2025
Last seen: Jun 9, 2026
Geolocation: IN
Country: India
Location: Bhubaneswar, Odisha
ASN: AS45117
Org: Netset Media Services Private Limited
Coords: 20.0063, 77.0060

VirusTotal

13/91 vendors flagged
14% detection rate · Jun 9, 2026

WHOIS

description
every host is banned for 3 hours and receives an abuse report from me every 96 hours if it continues
raw
inetnum: 103.132.242.0 - 103.132.243.255
netname: INPL-IN
descr: Ishan Netsol Pvt Ltd
admin-c: INPL1-AP
tech-c: INPL1-AP
country: IN
mnt-by: MAINT-IN-IRINN
mnt-irt: IRT-ISHAN-IN
mnt-routes: MAINT-IN-ISHAN
status: ASSIGNED PORTABLE
last-modified: 2024-10-23T08:11:41Z
source: APNIC

irt: IRT-ISHAN-IN
address: 315/6 Shivam Complex, Opp. Jagnath Temple, Dr. Yagnik Road
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: IT136-AP
tech-c: IA179-AP
auth: # Filtered
mnt-by: MAINT-IN-ISHAN
last-modified: 2014-10-13T06:06:07Z
source: APNIC

role: ISHAN NETSOL PVT LTD - network administrator
address: 313 Shivam Complex, Dr. Yagnik Road, Opp Jagnath Temple, Rajkot - Gujarat - India
country: IN
phone: +91 2816647426
e-mail: [email protected]
admin-c: INPL1-AP
tech-c: INPL1-AP
nic-hdl: INPL1-AP
mnt-by: MAINT-INPL-IN
last-modified: 2021-05-25T07:18:52Z
source: APNIC

route: 103.132.243.0/24
descr: INPL's IP POOL
origin: AS45117
country: IN
remarks: send spam and abuse report to [email protected]
notify: [email protected]
mnt-routes: MAINT-IN-ISHAN
mnt-by: MAINT-IN-IRINN
last-modified: 2019-02-04T10:43:47Z
source: APNIC
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://redpiranha.net

IOC Journey

medium
First detected 1 year ago · Last seen 6 days ago
Appeared in 27 threat reports