IOC Radar
IPHighVerifiedSignal 86/100

115.248.8.65

Location
IndiaIndia
Jaipur, TN
ASN
AS18101
Reliance Communications Limited
First Seen
Jun 17, 2025
Last Seen
Jun 22, 2026
Jun 17
First Seen
372d ago
Jun 22
Last Seen
3d ago
81
Reports
source reports
95%
Confidence
high
Found in 81 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
95%
Signal Score
86 / 100
IDS Rule
Yes
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

74 techniques

Network Information

CountryINIndia
RegionJaipur, TN
ASNAS18101
OrganizationReliance Communications Limited

IP Category

Proxy
Proxy server

Feed Intelligence Summary

81 reports95% confidence
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3693 indicators)
3155 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3696 indicators)
3158 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3729 indicators)
3192 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3727 indicators)
3190 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3726 indicators)
3189 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3721 indicators)
3184 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3718 indicators)
3181 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3719 indicators)
3181 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3718 indicators)
3180 IOCs in report
AT
Abuse.ch ThreatFox
3d ago
Abuse.ch ThreatFox (3714 indicators)
3177 IOCs in report

Activity Timeline

48 total obs
Jun 22Jun 20

Threat Activity Heatmap

· Peak: 2026-06-21
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
48
Critical
30d
48
Critical
3mo
48
Critical
Threat ScoreHigh Risk
86
SIGNAL
Signal Score
95%
Confidence
81
Reports
First seenJun 17, 2025
Last seenJun 22, 2026
Verified IOC
GeolocationIN
CountryIndia
LocationJaipur, TN
ASNAS18101
OrgReliance Communications Limited
Coords12.8996, 80.2209
Proxy

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot
raw
inetnum: 115.248.0.0 - 115.255.255.255 netname: RCOM descr: Reliance Communications Ltd descr: Dhirubai Ambani Knowledge City descr: Thane Belapur Road, KoparKhairane descr: Navi Mumbai - 400710 descr: India country: IN org: ORG-RCL5-AP admin-c: AH406-AP tech-c: AH406-AP abuse-c: AR1060-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-IN-SN mnt-routes: MAINT-IN-SN mnt-irt: IRT-RELIANCE-COMMUNICATIONS-IN last-modified: 2021-01-13T00:13:49Z source: APNIC irt: IRT-RELIANCE-COMMUNICATIONS-IN address: Reliance Communication Ltd address: NNOC, 1st floor address: International Area , A Block address: Dhirubai Ambani Knowledge City, e-mail: [email protected] abuse-mailbox: [email protected] admin-c: AH406-AP tech-c: AH406-AP auth: # Filtered remarks: [email protected] was validated on 2025-06-16 mnt-by: MAINT-IN-SN last-modified: 2025-09-04T05:15:23Z source: APNIC organisation: ORG-RCL5-AP org-name: Reliance Communications Limited org-type: LIR country: IN address: NNOC , First Floor, address: DAKC, Thane Belapur Road phone: +91-22-30372618 fax-no: +91-22-30383899 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:14:48Z source: APNIC role: Antiabuse Helpdesk address: Reliance Communication Ltd address: Antiabuse Helpdesk, 2nd Floor, address: International Area , A Block address: Dhirubai Ambani Knowledge City, address: Thane Belapur Road, KoparKhairane, address: Navi Mumbai - 400710 country: IN phone: +91-22-30334141-5 fax-no: +91-22-30334949 e-mail: [email protected] remarks: Send spam & abuse Reports remarks: include detailed information & time remarks: to [email protected] admin-c: IH158-AP tech-c: AH405-AP nic-hdl: AH406-AP notify: [email protected] mnt-by: MAINT-IN-SN last-modified: 2011-12-06T00:10:18Z source: APNIC role: ABUSE RELIANCECOMMUNICATIONSIN country: ZZ address: Reliance Communication Ltd address: NNOC, 1st floor address: International Area , A Block address: Dhirubai Ambani Knowledge City, phone: +000000000 e-mail: [email protected] admin-c: AH406-AP tech-c: AH406-AP nic-hdl: AR1060-AP remarks: Generated from irt object IRT-RELIANCE-COMMUNICATIONS-IN remarks: [email protected] was validated on 2025-06-16 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-06-16T05:53:33Z source: APNIC route: 115.248.8.0/22 origin: AS18101 descr: Reliance Communications Limited NNOC , First Floor, DAKC, Thane Belapur Road mnt-by: MAINT-IN-SN last-modified: 2023-07-20T10:41:21Z source: APNIC
references
https://github.com/telekom-security/tpotce, https://redpiranha.net, https://feeds.dshield.org/feeds/topips.txt, https://feeds.dshield.org/feeds/top10.txt, https://feeds.dshield.org/feeds/block.txt, https://www.linkedin.com/posts/starlightintel_cybersecurity-cyberattack-rce-activity-7358525198976868352-vdpo?utm_source=share&utm_medium=member_desktop&rcm=ACoAADM4tMgBAoph1aAnRhGdecMXg-lVzkLrxyM, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://www.virustotal.com/gui/collection/a4c38dc13a91da98a9f3a7f1c46c9aaeaa4d713d113c68c71fdf89837667717d

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 3 days ago
Appeared in 81 threat reports from 10 sources
Associated with: Akira, Kimsuky, LockBit
Used by malware: Nanocore, XWorm, WannaCry, AsyncRAT, Remcos, Rhysida, XorDDoS, Akira, Pegasus, Mozi, SocGholish, XMRig, NjRAT, Stealc, Mirai, Vidar, Sliver, Havoc, LockBit