IP · Medium · Signal 85/100
59.88.15.190
Location
Cherthala, MH
ASN
AS9829
BSNL Internet
First Seen
May 8, 2025
Last Seen
May 25, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
85%
Signal Score
85 / 100
IDS Rule
No
Network Information
Country
India
Region
Cherthala, MH
ASN
AS9829
Organization
BSNL Internet
Feed Intelligence Summary
9 reports · 85% confidence
9
Source reports
85%
Confidence score
Activity Timeline
May 25
Threat Activity Heatmap
Peak: 2026-05-25
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
The Indicator of Compromise (IOC) `59.88.15.190` represents a critical and immediate threat to organizational security, evidenced by its high risk score of 84.89 and lack of whitelisting. This IPv4 address has been strongly linked to sophisticated adversarial operations, including Command and Control (C2) infrastructure, lateral movement, data exfiltration, and resource hijacking activities. Its presence in network logs or security telemetry should be treated as a strong indication of an active …
Threat Score
High Risk
Signal Score
85
Confidence
85%
Reports
9
Coords
18.9851, 75.7627
VirusTotal
Not checked
WHOIS
- raw
  inetnum: 59.88.0.0 - 59.88.255.255
  netname: BB-Multiplay
  descr: O/o DGM BB, NOC BSNL Bangalore
  country: IN
  admin-c: BH155-AP
  tech-c: DB374-AP
  abuse-c: AB1061-AP
  status: ASSIGNED NON-PORTABLE
  mnt-by: MAINT-IN-DOT
  mnt-irt: IRT-BSNL-IN
  last-modified: 2021-07-15T07:18:12Z
  source: APNIC

  irt: IRT-BSNL-IN
  address: Internet Cell
  address: Bharat Sanchar Nigam Limited.
  address: 8th Floor,148-B Statesman House
  address: Barakhamba Road, New Delhi - 110 001
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: NC83-AP
  tech-c: CGMD1-AP
  auth: # Filtered
  remarks: [email protected] was validated on 2025-07-02
  mnt-by: MAINT-IN-DOT
  last-modified: 2025-07-02T04:53:55Z
  source: APNIC

  role: ABUSE BSNLIN
  country: ZZ
  address: Internet Cell
  address: Bharat Sanchar Nigam Limited.
  address: 8th Floor,148-B Statesman House
  address: Barakhamba Road, New Delhi - 110 001
  phone: +000000000
  e-mail: [email protected]
  admin-c: NC83-AP
  tech-c: CGMD1-AP
  nic-hdl: AB1061-AP
  remarks: Generated from irt object IRT-BSNL-IN
  remarks: [email protected] was validated on 2025-07-02
  abuse-mailbox: [email protected]
  mnt-by: APNIC-ABUSE
  last-modified: 2025-07-02T04:54:12Z
  source: APNIC

  person: BSNL Hostmaster
  nic-hdl: BH155-AP
  e-mail: [email protected]
  address: Broadband Networks
  address: Bharat Sanchar Nigam Limited
  address: 2nd Floor, Telephone Exchange, Sector 62
  address: Noida
  phone: +91-120-2404243
  fax-no: +91-120-2404241
  country: IN
  mnt-by: MAINT-IN-PER-DOT
  last-modified: 2021-12-08T10:52:18Z
  source: APNIC

  person: DGM Broadband
  address: BSNL NOC Bangalore
  country: IN
  phone: +91-080-25805800
  fax-no: +91-080-25800022
  e-mail: [email protected]
  nic-hdl: DB374-AP
  mnt-by: MAINT-IN-PER-DOT
  last-modified: 2011-02-19T10:03:44Z
  source: APNIC

  route: 59.88.0.0/20
  descr: BSNL Internet
  country: IN
  origin: AS9829
  mnt-lower: MAINT-IN-DOT
  mnt-routes: MAINT-IN-DOT
  mnt-by: MAINT-IN-AS9829
  last-modified: 2008-09-04T07:54:55Z
  source: APNIC
- references
- https://urlhaus.abuse.ch/browse/
IOC Journey
Medium · First detected 1 year ago · Last seen 11 days ago
Appeared in 9 threat reports