IOC Radar
IPMediumSignal 44/100

194.61.40.9

Location
IndiaIndia
New Delhi, National Capital Territory of Delhi
ASN
AS137409
VPN Consumer Mumbai, India
First Seen
Sep 9, 2023
Last Seen
May 26, 2026
Sep 9
First Seen
1007d ago
May 26
Last Seen
18d ago
14
Reports
source reports
44%
Confidence
medium
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

21 techniques

Network Information

CountryINIndia
RegionNew Delhi, National Capital Territory of Delhi
ASNAS137409
OrganizationVPN Consumer Mumbai, India

IP Category

VPN
VPN exit node

Feed Intelligence Summary

14 reports44% confidence
14
Source reports
44%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiabad reputationbad web botbotnet activitybrute forcebrute force attackbrute-forcecredential accesscredential harvestingcredential stuffingddosdenial of serviceeuropeexploitation activityftp brute forcehackinghttp brute forceidentity & access exploitationinindiainformation technologyit infrastructurenetherlandsnetworknetwork scanningopenctipassword attacksphishingphishing attackproxyreconnaissanceremote accessremote servicesresearchedscannersecurity policysgsingaporesocial engineeringsoftware developmentspamssh attackt1021t1021.001t1046t1059t1076t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1563t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003tcp scanthreat preventionudp scanvpnweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
May 26May 26

Threat Activity Heatmap

· Peak: 2026-05-26
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
44
SIGNAL
Signal Score
44%
Confidence
14
Reports
First seenSep 9, 2023
Last seenMay 26, 2026
GeolocationIN
CountryIndia
LocationNew Delhi, National Capital Territory of Delhi
ASNAS137409
OrgVPN Consumer Mumbai, India
Coords52.3824, 4.8995
VPN

VirusTotal

Not checked

WHOIS

raw
inetnum: 194.61.40.0 - 194.61.40.255 netname: VCIN-194-61-40-0 country: IN geoloc: 19.1108461 72.8990074 org: ORG-VA29624-RIPE admin-c: LNBV tech-c: LNBV status: ASSIGNED PA mnt-by: PREFIXBROKER-MNT created: 2022-11-18T07:31:15Z last-modified: 2022-11-18T07:31:15Z source: RIPE organisation: ORG-VA29624-RIPE org-name: VPN-Consumer-IN org-type: OTHER address: 37, Chandivali Farm Rd address: Chandivali, Powai address: Mumbai, Maharashtra 400072 address: India abuse-c: LNBV mnt-ref: PREFIXBROKER-MNT mnt-by: PREFIXBROKER-MNT created: 2022-10-20T14:46:07Z last-modified: 2022-10-20T14:46:07Z source: RIPE # Filtered role: Role object for Legaco Networks B.V. address: Kennedyplein 200 address: 5611ZT address: Eindhoven address: NETHERLANDS phone: +31403041481 abuse-mailbox: [email protected] admin-c: JVV284-RIPE admin-c: WS4695-RIPE nic-hdl: LNBV mnt-by: nl-legaco-1-mnt created: 2019-04-16T17:25:57Z last-modified: 2019-04-16T17:29:29Z source: RIPE # Filtered route: 194.61.40.0/24 origin: AS137409 mnt-by: PREFIXBROKER-MNT created: 2025-12-05T10:31:49Z last-modified: 2025-12-05T10:31:49Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 18 days ago
Appeared in 14 threat reports