IOC Radar
IP · Medium · Signal 50/100

202.21.42.114

Location: Mancherial, Telangana, India
ASN: AS24186 (Railtel)
First Seen: Oct 18, 2025 (230d ago)
Last Seen: May 20, 2026 (16d ago)
Reports: 7 source reports
Confidence: 50% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 50%
Signal Score: 50 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

19 techniques

Network Information

Country: India (IN)
Region: Mancherial, Telangana
ASN: AS24186
Organization: Railtel

Feed Intelligence Summary

Source reports: 7
Confidence score: 50%
Category tags: abuse, active scan, active scanning, asia, bad reputation, botnet, botnet activity, brute force, brute force attack, c2 communication, command & control, command and control, credential access, credential stuffing, data exfiltration, data store exposure, ddos, distributed attacks, exploitation activity, exploitation attempts, exploited host, fraud voip, hacking, identity & access exploitation, in, india, indicator, injection activity, malicious software, malware, network, network scanning, network traffic analysis, password attacks, potential ddos, process injection, reconnaissance, remote services, researched, scams & fraud, scanner, t1021, t1055, t1059, t1071, t1071.001, t1078, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1486, t1496, t1499.002, t1499.003, t1565, t1595.001, t1595.002, t1595.003, vulnerability scan

Activity Timeline

1 total obs, May 20

Threat Activity Heatmap

Peak: 2026-05-20
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Geolocation
Country: India (IN)
Location: Mancherial, Telangana
ASN: AS24186
Org: Railtel
Coords: 18.8695, 79.4340

VirusTotal

Not checked

WHOIS

inetnum: 202.21.40.0 - 202.21.43.255
netname: RAILTEL-IN
descr: RailTel Corporation is an Internet Service Provider.
country: IN
admin-c: NA1011-AP
tech-c: NA1011-AP
abuse-c: NA1011-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-IN-IRINN
mnt-lower: MAINT-IN-RAILTEL
mnt-lower: MAINT-IN-IRINN
mnt-routes: MAINT-IN-RAILTEL
mnt-routes: MAINT-IN-IRINN
mnt-irt: IRT-RAILTEL-IN
last-modified: 2025-08-11T22:57:44Z
source: APNIC

irt: IRT-RAILTEL-IN
address: Plot No, 143
address: Sector 44 ,Gurugram
address: Haryana ,122003
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: NA1011-AP
tech-c: NA1011-AP
auth: # Filtered
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
last-modified: 2026-02-10T04:57:40Z
source: APNIC

person: Network Administrator
address: Plate-A, 6th Floor, Office Block Tower-2,
address: East Kidwai Nagar, New Delhi-110023
country: IN
phone: +91 11 22900600
e-mail: [email protected]
nic-hdl: NA1011-AP
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
fax-no: +91 11 22900699
last-modified: 2025-09-27T09:36:11Z
source: APNIC

route: 202.21.42.0/24
descr: Railtel
origin: AS24186
mnt-by: MAINT-IN-RAILTEL
mnt-by: MAINT-IN-IRINN
mnt-routes: MAINT-IN-IRINN
last-modified: 2025-12-14T22:18:29Z
source: APNIC

IOC Journey

medium
First detected 7 months ago · Last seen 16 days ago
Appeared in 7 threat reports