IOC Radar
IP · Medium · Signal 47/100

112.196.0.228

Location: Amritsar, Chandigarh, India
ASN: AS17917 (Hfcl Infotel LTD)
First Seen: Jun 6, 2025 (372d ago)
Last Seen: Jun 2, 2026 (11d ago)
Reports: 18 source reports
Confidence: 47% (medium)
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 47%
Signal Score: 47 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

42 techniques

Network Information

Country: India (IN)
Region: Amritsar, Chandigarh
ASN: AS17917
Organization: Hfcl Infotel LTD

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 18
Confidence score: 47%

Category tags:
abuse, access control, active scan, active scanning, adbhoney honeypot, antispam, apache, apache attacker, apt, asia, attack, authentication, bad reputation, bad web bot, blog spam, botnet, botnet activity, brute force, brute force attack, brute force attempt, brute-force, cisco device, communication protocol, cowrie honeypot, credential access, credential harvesting, credential stuffing, credential-access, data exfiltration, data store exposure, ddos, ddos attack, decoy system, denial of service, device management, dionaea honeypot, enterprise networking, europe, exploitation activity, exploited host, finland, finland based activity, france, ftp brute force, ftp brute-force, germany, hacking, honeynet connect, honeytrap honeypot, http brute force, http scanner, identity & access exploitation, in, india, information technology, injection activity, it infrastructure, lamp, lateral movement, log4j, login, login attack, login attempt, login-brute-force, mailoney honeypot, malicious activity, malware, malware behaviour, malware capture, network, network attacks, network enumeration, network infrastructure, network intrusion, network scanning, network security, north america, open proxy, password attack, password attacks, phishing, phishing attack, phishing trap, poland, protocol exploitation, proxy, reconnaissance, remote access, remote services, researched, resource hijacking, scanner, scanning activity, scripting language, security operations, security policy, sentrypeer botnet, sftp attack, smb brute force, smtp brute force, social engineering, software development, spam, sql injection, ssh, ssh attack, ssh monitoring, tanner, targeting database, tcp protocol, tcp scan, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, udp scan, unauthorized access attempt, united states, voip, voip attack, web app attack, web application, web application attack, web application exploitation, web development, web exploitation, web spam, web traffic

MITRE ATT&CK technique tags:
t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1040, t1041, t1046, t1059, t1059.001, t1059.003, t1059.004, t1059.007, t1068, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1185, t1190, t1203, t1204.002, t1496, t1499.001, t1499.002, t1499.003, t1563, t1566.001, t1566.002, t1566.003, t1566.004, t1588.004, t1592, t1595, t1595.001, t1595.002, t1595.003

Activity Timeline

1 total obs (Jun 2)

Threat Activity Heatmap

Peak: 2026-06-02
[Heatmap: daily activity by weekday, Jun through Jun]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address, represents a significant and active threat to organizational security. With a score exceeding 46 and consistent reporting across numerous reputable threat intelligence feeds, this IP address is strongly associated with malicious activities such as brute-force attacks, vulnerability scanning, and attempts to exploit public-facing applications. Its continued presence in threat feeds signals an ongoing and persistent risk. If connections to or fr…

Threat Score: 47 (Medium Risk)
Signal Score: 47
Confidence: 47%
Reports: 18
First seen: Jun 6, 2025
Last seen: Jun 2, 2026
Geolocation: IN
Country: India
Location: Amritsar, Chandigarh
ASN: AS17917
Org: Hfcl Infotel LTD
Coords: 30.7333, 76.7794
IP Category: Proxy

VirusTotal

Not checked

WHOIS

inetnum: 112.196.0.0 - 112.196.0.255
netname: ISP_INTERNAL
country: IN
descr: Chandigarh
admin-c: NN112-AP
tech-c: NN112-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-IN-NETWORK
last-modified: 2010-06-02T09:04:55Z
source: APNIC

person: Network Administrator Network Administrator
nic-hdl: NN112-AP
e-mail: [email protected]
address: B-71 Phase-7 Ind. Area Mohali
address: Punjab
phone: +91-172-5090114
country: IN
mnt-by: MAINT-NEW
last-modified: 2010-05-20T07:36:26Z
source: APNIC

route: 112.196.0.0/24
descr: HFCL INFOTEL LTD
origin: AS17917
mnt-by: MAINT-IN-NETWORK
last-modified: 2009-02-13T10:24:23Z
source: APNIC

IOC Journey

medium
First detected 1 year ago · Last seen 11 days ago
Appeared in 18 threat reports