IOC Radar
IP · Medium · Signal 80/100

59.182.78.104

Location: India (Hyderabad, Maharashtra)
ASN: AS9829 (Mahanagar Telephone Nigam Limited)
First Seen: Apr 7, 2025 (448d ago)
Last Seen: Mar 16, 2026 (105d ago)
Reports: 9 source reports
Confidence: 80% (medium)
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 80%
Signal Score: 80 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

28 techniques

Network Information

Country: IN (India)
Region: Hyderabad, Maharashtra
ASN: AS9829
Organization: Mahanagar Telephone Nigam Limited

Feed Intelligence Summary

Source reports: 9
Confidence score: 80%
Category tags
abuse, access control, active scanning, arm, ascii, asia, asyncrat, backdoor, bat, botnet, brute force, brute force attempt, censys, coinminer, coinminer.xmrig, command and control, communication protocol, credential access, data exfiltration, ddos attacks, decoy system, distributed attacks, elf, exe, exploited host, extension, fakecaptcha, gafgyt, guloader, hacking, hajime, hta, html, india, indicator, internet of things, intrusion detection, ioc, iot botnet, iot/ics attack, lnk, lummastealer, malicious network activity, malicious software, malware, mips, mirai botnet, mozi, msi, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, opendir, process injection, protocol exploitation, ps1, rat, reconnaissance, remcosrat, remote access, researched, scan, scanner, security policy, sshdkit, stealer, strelastealer, t1021.002, t1027, t1040, t1046, t1055, t1056.001, t1059.001, t1071, t1071.001, t1078, t1105, t1110, t1110.002, t1133, t1189, t1190, t1204, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, tcp/23, telecommunications, telnet threat, threat intelligence, threat prevention, vipkeylogger, wsgidav, xml-opendir, zip

Activity Timeline

1 total obs · Mar 16

Threat Activity Heatmap

Peak: 2026-03-16
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 80
Confidence: 80%
Reports: 9
First seen: Apr 7, 2025
Last seen: Mar 16, 2026
Geolocation: IN
Country: India
Location: Hyderabad, Maharashtra
ASN: AS9829
Org: Mahanagar Telephone Nigam Limited
Coords: 20.0063, 77.0060

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 59.176.0.0 - 59.185.255.255
netname: MTNL
descr: Mahanagar Telephone Nigam Limited
country: IN
admin-c: AB782-AP
tech-c: SM2089-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-IN-IRINN
mnt-lower: MAINT-IN-MTNL
mnt-routes: MAINT-IN-MTNL
mnt-irt: IRT-MTNL-IN
last-modified: 2016-12-14T04:38:46Z
source: APNIC

irt: IRT-MTNL-IN
address: Jeevan Bharati Building
address: Tower 1, 12th Floor, 124, Connaught Circus, New Delhi
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: AB782-AP
tech-c: SM2089-AP
auth: # Filtered
mnt-by: MAINT-IN-MTNL
last-modified: 2022-07-01T08:44:20Z
source: APNIC

role: Senior Manager
address: Mahanagar Doorsanchar Sadan, 5th Floor, 9 CGO Complex, Lodhi Road, New Delhi ,New Delhi,Delhi-110003
country: IN
phone: +91 01124325185
e-mail: [email protected]
admin-c: AB782-AP
tech-c: AB782-AP
nic-hdl: SM2089-AP
mnt-by: MAINT-IN-MTNL
last-modified: 2016-12-14T06:25:35Z
source: APNIC

person: Amarjeetkaur Bedi
address: Mahanagar Doorsanchar Sadan, 5th Floor, 9 CGO Complex, Lodhi Road, New Delhi ,New Delhi,Delhi-110003
country: IN
phone: +91 01124325185
e-mail: [email protected]
nic-hdl: AB782-AP
mnt-by: MAINT-IN-MTNL
last-modified: 2016-12-14T06:28:12Z
source: APNIC

route: 59.182.64.0/20
descr: MTNL Mumbai Route
descr: Mahanagar Telephone Nigam Limited, New Delhi
country: IN
origin: AS17813
mnt-by: MAINT-IN-MTNL
last-modified: 2008-09-04T07:54:48Z
source: APNIC

route: 59.182.64.0/20
descr: MTNL Pool ROUTE OBJECT Through BSNL
origin: AS9829
mnt-by: MAINT-IN-IRINN
mnt-routes: MAINT-IN-MTNL
notify: [email protected]
last-modified: 2023-04-16T23:13:29Z
source: APNIC
references
https://urlhaus.abuse.ch/browse/

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 9 threat reports