IOC Radar
IP · Medium · Signal 59/100

103.48.67.138

Location: India (Delhi, DL)
ASN: AS45235 (Netmax Computers)
First Seen: Feb 21, 2025 (485d ago)
Last Seen: Feb 22, 2026 (119d ago)
Reports: 5 source reports
Confidence: 59% (medium)
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 59%
Signal Score: 59 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

20 techniques

Network Information

Country: India (IN)
Region: Delhi, DL
ASN: AS45235
Organization: Netmax Computers

Feed Intelligence Summary

Source reports: 5
Confidence score: 59%
Category tags: active scanning, asia, attack, botnet, brute force, brute force attack, command and control, cowrie, cowrie honeypot, cowrie honeypot data, credential access, credential stuffing, data exfiltration, decoy system, distributed attacks, github, in, india, indicator, malicious activity, malicious software, malware, mysql, network, network probing, network scanning, network service scanning, nginx, password attacks, process injection, python, reconnaissance, researched, scanner, server, sftp, sftp attack, sftp exploit attempt, slug, ssh, ssh attack, ssh monitoring, surface web, t1021, t1021.004, t1041, t1055, t1071.001, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1595, t1595.001, t1595.002, t1595.003, threat actor, unauthorized access attempt

Activity Timeline

1 total obs (Feb 22)

Threat Activity Heatmap

Peak: 2026-02-22
Recent activity: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)
Threat Score: 59 (Medium Risk)
Confidence: 59%
Reports: 5
First seen: Feb 21, 2025
Last seen: Feb 22, 2026
Geolocation: IN
Country: India
Location: Delhi, DL
ASN: AS45235
Org: Netmax Computers
Coords: 28.6542, 77.2373

VirusTotal

Not checked

WHOIS

description
2025-02-19T10:00:09.942Z Honeypot : Cowrie : Source: 103.48.67.138 Data: Connection lost after 13 seconds
raw
inetnum: 103.48.64.0 - 103.48.67.255
netname: NETMAX-IN
descr: NETMAX COMPUTERS
admin-c: TS836-AP
tech-c: MA748-AP
country: IN
mnt-by: MAINT-IN-IRINN
mnt-irt: IRT-IN-NETMAX
mnt-routes: MAINT-IN-NETMAX
status: ALLOCATED PORTABLE
last-modified: 2015-01-16T11:51:00Z
source: APNIC

irt: IRT-IN-NETMAX
address: 2092/37 NAIWALAN, KAROLBAGH, New Delhi
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: TS836-AP
tech-c: MA748-AP
auth: # Filtered
mnt-by: MAINT-IN-NETMAX
last-modified: 2015-01-16T11:45:03Z
source: APNIC

role: manager admin
address: 2092/37 NAIWALAN, KAROLBAGH, New Delhi
country: IN
phone: +91 9811212051
e-mail: [email protected]
admin-c: TS836-AP
tech-c: TS836-AP
nic-hdl: MA748-AP
mnt-by: MAINT-IN-NETMAX
last-modified: 2015-01-16T11:45:37Z
source: APNIC

person: TANVIR SINGH
address: 2092/37 NAIWALAN, KAROLBAGH, New Delhi
country: IN
phone: +91 9811212051
e-mail: [email protected]
nic-hdl: TS836-AP
mnt-by: MAINT-IN-NETMAX
last-modified: 2015-01-16T11:46:45Z
source: APNIC

route: 103.48.67.0/24
descr: NETMAX COMPUTERS
origin: AS45235
mnt-by: MAINT-IN-IRINN
mnt-routes: MAINT-GEONET-IN
last-modified: 2015-01-22T08:26:33Z
source: APNIC
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 5 threat reports