IOC Radar
IP · Medium · Signal 100/100

103.97.91.235

Location: India; Lagos, Lagos
ASN: AS8849 (Melbikomas UAB)
First Seen: Dec 23, 2024 (536d ago)
Last Seen: Feb 15, 2026 (117d ago)
Reports: 13 source reports
Confidence: 99% (medium)
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

17 techniques

Network Information

Country: IN (India)
Region: Lagos, Lagos
ASN: AS8849
Organization: Melbikomas UAB

Feed Intelligence Summary

Source reports: 13
Confidence score: 99%
Category tags: abuse, active scanning, africa, asia, attack, australia, authentication attack, auto-generated security, automated attack, botnet, brute force, brute force attempt, command and control, credential access, credential stuffing, cta, data exfiltration, distributed attacks, india, malicious activity, malicious software, malware, network, network security, nigeria, oceania, process injection, proxy, reconnaissance, remote access, researched, scanner, ssh attack, t1055, t1071.001, t1078, t1078.004, t1110, t1110.001, t1110.002, t1486, t1496, t1499.002, t1499.003, t1565, t1589, t1589.002, t1595.001, t1595.002, t1595.003, threat actor

Activity Timeline

1 total obs
Feb 15 - Feb 15

Threat Activity Heatmap

Peak: 2026-02-15
[Heatmap: activity calendar, Jun through Jun; rows Mon/Wed/Fri; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Coords: 6.4474, 3.3903

VirusTotal

Not checked

WHOIS

description: Host bruteforcing SSH


IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 13 threat reports