IOC Radar
IP · Medium · Signal 54/100

103.30.72.200

Location: India (Gurugram, Haryana)
ASN: AS134330 (Nandini Infosys Private Limited)
First Seen: Dec 28, 2023 (897d ago)
Last Seen: Apr 7, 2026 (67d ago)
Reports: 13 source reports
Confidence: 54% (medium)
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 54%
Signal Score: 54 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

47 techniques

Network Information

Country: IN (India)
Region: Gurugram, Haryana
ASN: AS134330
Organization: Nandini Infosys Private Limited

IP Category

Proxy
Proxy server

Feed Intelligence Summary

13 source reports · 54% confidence score
Category tags
abuse, abuseipdb, access control, active scan, active scanning, asia, atif feed, attack, bad reputation, bad web bot, banlist feed, binary defense, blacklist activity, blacklist candidate, blacklist check, blacklisted ip activity, blog spam, botnet, botnet activity, brute force, brute force attack, command and control, command execution, communication protocol, credential access, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, database security, ddos, ddos attacks, decoy system, denial of service, dhcp, dhcp attack, dhcp probing, distributed attacks, elasticsearch, elasticsearch attack, elasticsearch brute force, elasticsearch enumeration, encryption, exploitation, exploitation activity, ftp, ftp brute force, ftp exploitation, identity & access exploitation, imap, imap brute force, in, india, indicator, information gathering, infrastructure acquisitionreconnaissance, initial access, injection activity, internet of things, intrusion detection, iot botnet, iot security, iot/ics attack, lateral movement, ldap, ldap attack, ldap brute force, ldap probing, malicious activity, malicious software, malware, manual, memcached amplification attempt, memcached attack, mirai botnet, mssql, mssql attack, mssql brute force, mssql exploitation, mysql brute force, network, network attacks, network monitoring, network probe, network probing, network protocol, network scan, network scanning, network security, ntp, ntp amplification attempt, ntp attack, oracle, oracle attack, oracle brute force, oracle scanning, password attacks, phishing, phishing attack, possible malware infection, postgresql attack, postgresql brute force, postgresql scanning, process injection, protocol exploitation, proxy, reconnaissance, redis brute force, redis enumeration, remote access, remote services, researched, rtbh, scan, scanner, security policy, self-signed, server exploitation, smb brute force, smb scanning, snmp enumeration, social engineering, socks5, socks5 proxy activity, socks5 proxy detection, spam, sql injection, ssh attack, ssh exploitation, t1021, t1021.001, t1021.002, t1040, t1046, t1047, t1053, t1055, t1059, t1059.003, t1059.005, t1068, t1071, t1071.001, t1077, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1550.003, t1555, t1562, t1565, t1566, t1566.001, t1566.002, t1566.003, t1587.001, t1590.001, t1592, t1595, t1595.001, t1595.002, t1595.003, targeting database, tcp protocol, telecommunications, telnet exploitation, telnet threat, threat actor, threat intelligence, threat prevention, tor node, vnc protocol, web application attack, web exploitation, web spam

Activity Timeline

1 total obs · Apr 7

Threat Activity Heatmap

Peak: 2026-04-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 54
Confidence: 54%
Reports: 13
First seen: Dec 28, 2023
Last seen: Apr 7, 2026
Geolocation: IN
Country: India
Location: Gurugram, Haryana
ASN: AS134330
Org: Nandini Infosys Private Limited
Coords: 0.0000, 0.0000
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 103.30.72.0 - 103.30.73.255
netname: NANDINI-IN
descr: NANDINI INFOSYS PRIVATE LIMITED
country: IN
org: ORG-NIPL6-AP
admin-c: NIPL6-AP
tech-c: NIPL6-AP
abuse-c: AN3098-AP
status: ASSIGNED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-routes: MAINT-NANDINI-IN
mnt-irt: IRT-NANDINI-IN
last-modified: 2022-11-03T03:24:17Z
source: APNIC

irt: IRT-NANDINI-IN
address: 1st Floor, O-122, The Shopping Mall,, Arjun Marg, DLF City Phase-1,, Gurgaon Haryana 122002
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: NIPL6-AP
tech-c: NIPL6-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-02-12
mnt-by: MAINT-NANDINI-IN
last-modified: 2025-02-12T11:28:52Z
source: APNIC

organisation: ORG-NIPL6-AP
org-name: NANDINI INFOSYS PRIVATE LIMITED
org-type: LIR
country: IN
address: 1st Floor, O-122, The Shopping Mall,
address: Arjun Marg, DLF City Phase-1,
phone: +919211721924
e-mail: [email protected]
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:19:03Z
source: APNIC

role: ABUSE NANDINIIN
country: ZZ
address: 1st Floor, O-122, The Shopping Mall,, Arjun Marg, DLF City Phase-1,, Gurgaon Haryana 122002
phone: +000000000
e-mail: [email protected]
admin-c: NIPL6-AP
tech-c: NIPL6-AP
nic-hdl: AN3098-AP
remarks: Generated from irt object IRT-NANDINI-IN
remarks: [email protected] was validated on 2025-02-12
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-02-12T11:29:19Z
source: APNIC

role: NANDINI INFOSYS PRIVATE LIMITED administrator
address: 1st Floor, O-122, The Shopping Mall,, Arjun Marg, DLF City Phase-1,, Gurgaon Haryana 122002
country: IN
phone: +919211721924
e-mail: [email protected]
admin-c: NIPL6-AP
tech-c: NIPL6-AP
nic-hdl: NIPL6-AP
mnt-by: MAINT-NANDINI-IN
last-modified: 2022-11-02T09:31:08Z
source: APNIC

route: 103.30.72.0/24
origin: AS134330
descr: NANDINI INFOSYS PRIVATE LIMITED 1st Floor, O-122, The Shopping Mall, Arjun Marg, DLF City Phase-1,
mnt-by: MAINT-NANDINI-IN
last-modified: 2023-01-04T15:04:41Z
source: APNIC
references
https://list.rtbh.com.tr/output.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 13 threat reports