IOC Radar
IPHighVerifiedSignal 61/100

103.74.144.253

Location
IndiaIndia
New Delhi, DL
ASN
AS58965
Airmax Internet Private Limited
First Seen
Feb 24, 2025
Last Seen
Feb 15, 2026
Feb 24
First Seen
486d ago
Feb 15
Last Seen
130d ago
5
Reports
source reports
61%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

22 techniques

Network Information

CountryINIndia
RegionNew Delhi, DL
ASNAS58965
OrganizationAirmax Internet Private Limited

Feed Intelligence Summary

5 reports61% confidence
5
Source reports
61%
Confidence score
Category tags
abuseaccess controlactive scanningasiabotnetbrute forcebrute force attemptcommand and controlcommunication protocolcredential accessdata exfiltrationddos attacksdecoy systemdistributed attacksindiaindicatorinternet of thingsintrusion detectioniociot botnetiot/ics attackmalicious network activitymalicious softwaremalwaremirai botnetnetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork service scanningprocess injectionprotocol exploitationreconnaissanceresearchedscanscannersecurity policyt1021.002t1040t1046t1055t1056.001t1059.001t1071.001t1078t1110t1110.002t1133t1190t1486t1496t1499.001t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003tcp protocoltelnet threatthreat intelligencethreat prevention

Activity Timeline

1 total obs
Feb 15Feb 15

Threat Activity Heatmap

· Peak: 2026-02-15
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
61
SIGNAL
Signal Score
61%
Confidence
5
Reports
First seenFeb 24, 2025
Last seenFeb 15, 2026
Verified IOC
GeolocationIN
CountryIndia
LocationNew Delhi, DL
ASNAS58965
OrgAirmax Internet Private Limited
Coords28.6542, 77.2373

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 4 months ago
Appeared in 5 threat reports