Hi, we found some connections from one of our devices using rutserv.exe to 216.158.232.18 using port 5655. And our soc found this as possibly malicious, due to this ip being in few places mentioned as IoC for log4j c2c, custom detections.
Is it verified RU ip?