IOC Radar
IP · Medium · Signal 56/100

103.199.207.61

Location: Haldwani, Uttar Pradesh, India
ASN: AS24186 (RAILTEL)
First Seen: Mar 9, 2026 (104d ago)
Last Seen: Apr 23, 2026 (59d ago)
Reports: 8 source reports
Confidence: 56% (medium)
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 56%
Signal Score: 56 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

10 techniques

Network Information

Country: IN (India)
Region: Haldwani, Uttar Pradesh
ASN: AS24186
Organization: RAILTEL

Feed Intelligence Summary

Source reports: 8
Confidence score: 56%
Category tags: active scan, active scanning, apache, apache attacker, apt, asia, bad web bot, botnet activity, brute force, brute force attack, credential access, credential stuffing, ddos, denial of service, exploitation activity, hacking, identity & access exploitation, india, indicator, network, password attacks, reconnaissance, researched, scanner, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1499.001, t1595.001, t1595.002, t1595.003, threat actor, tor node, web application attack, web exploitation

Activity Timeline

1 total obs (Apr 23)

Threat Activity Heatmap

Peak: 2026-04-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 56
Confidence: 56%
Reports: 8
First seen: Mar 9, 2026
Last seen: Apr 23, 2026
Geolocation: IN
Country: India
Location: Haldwani, Uttar Pradesh
ASN: AS24186
Org: RAILTEL
Coords: 25.4589, 78.5799

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 103.199.204.0 - 103.199.207.255
netname: RAILTEL-IN
descr: RailTel Corporation is an Internet Service Provider.
country: IN
admin-c: NA1011-AP
tech-c: NA1011-AP
abuse-c: NA1011-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-IN-IRINN
mnt-lower: MAINT-IN-RAILTEL
mnt-lower: MAINT-IN-IRINN
mnt-routes: MAINT-IN-RAILTEL
mnt-routes: MAINT-IN-IRINN
mnt-irt: IRT-RAILTEL-IN
last-modified: 2025-08-11T22:51:48Z
source: APNIC

irt: IRT-RAILTEL-IN
address: Plot No, 143
address: Sector 44 ,Gurugram
address: Haryana ,122003
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: NA1011-AP
tech-c: NA1011-AP
auth: # Filtered
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
last-modified: 2026-02-10T04:57:40Z
source: APNIC

person: Network Administrator
address: Plate-A, 6th Floor, Office Block Tower-2,
address: East Kidwai Nagar, New Delhi-110023
country: IN
phone: +91 11 22900600
e-mail: [email protected]
nic-hdl: NA1011-AP
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
fax-no: +91 11 22900699
last-modified: 2025-09-27T09:36:11Z
source: APNIC

route: 103.199.207.0/24
descr: Railtel
origin: AS24186
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
mnt-routes: MAINT-IN-IRINN
last-modified: 2025-12-14T22:18:32Z
source: APNIC


IOC Journey

medium
First detected 3 months ago · Last seen 1 month ago
Appeared in 8 threat reports