IOC Radar
IPMediumSignal 50/100

122.184.124.46

Location
IndiaIndia
Faridabad, Haryana
ASN
AS9498
Bharti Airtel Limited
First Seen
May 29, 2025
Last Seen
Jun 15, 2026
May 29
First Seen
392d ago
Jun 15
Last Seen
11d ago
19
Reports
source reports
50%
Confidence
medium
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
50%
Signal Score
50 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

56 techniques

Network Information

CountryINIndia
RegionFaridabad, Haryana
ASNAS9498
OrganizationBharti Airtel Limited

Feed Intelligence Summary

19 reports50% confidence
19
Source reports
50%
Confidence score
Category tags
abuseaccess controlaccount discoveryaccount enumerationaccount profilingaccount takeoveraccount-compromiseactive scanactive scanningactive-attackadresse ipaptasiaattackauthenticationauthentication-failureazure adbad reputationbankingbelgiumbelgium ip addressesblocklistblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute-forcebruteforcec2 communicationciscocisco devicecloud environmentcloud infrastructurecommand & controlcommand and controlcommunication protocolcompromised credentialscompromised hostconpotconpot honeypotcowriecowrie honeypotcredential accesscredential compromisecredential harvestingcredential stuffingcredential-accesscredential-dumpingcredit card servicesdata exfiltrationdata store exposureddosddos attackdecoy systemdenial of servicedevice managementdionaeadionaea honeypotdistributed attacksemail-protocolemerging threatsenterprise networkingentra ideuropeexfiltrationexploit attemptexploitation activityexploited hostfinancefinance and insurancefinancial servicesfinancial technologyfinlandfnt-secure-sentinelfnt-sentinelfrancefraud ordersftpftp brute forcegermanyhackinghoneynet connecthoneytrap honeypothttp brute forcehttp scannerhttpsics securityidentity & access exploitationimapimap attackinindiaindicatorindustrial control systemsinformation technologyinjection activityintrusion detectioniociot securityiot/ics attackit infrastructurekill-chain exploitationkill-chain reconnaissancelamplateral movementlogin attemptlogin brute forcelogin-attackmalicious activitymalicious softwaremalicious-ipmalwaremalware behaviourmalware capturemalware distributionmedium-riskmicrosoft entra idmultiple accountsmultiple accounts targetedmultiple usersmultiple users affectednetworknetwork attacksnetwork enumerationnetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitynetwork traffic analysisnetwork-protocolnorth americaopenctipassword attackpassword attackspassword crackingpassword sprayingpassword-attackpayment processingphishingphishing attackpolandpotential-atoprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedresource hijackingsaslscams & fraudscannerscanning activityscripting attackssecurity operationssecurity policysentrypeer botnetsftpsftp attacksipsip brute forcesmb brute forcesmtpsmtp attackersmtp brute forcesmtp-attacksocial engineeringsoftware developmentspamsshssh attackssh monitoringt1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1041t1046t1055t1059t1059.001t1059.003t1059.004t1059.007t1068t1071t1071.001t1076t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1203t1204.002t1486t1496t1497t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1567t1573t1573.001t1588.004t1589t1589.002t1592t1595t1595.001t1595.002t1595.003tannertcptcp protocoltcp scantelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodeturkeyudp scanunauthorized access attemptunauthorized login attemptsunited statesvoipvoip attackvulnerability scanwazuhwealth managementweb app attackweb application attackweb attackweb exploitationweb spamweb traffic

Activity Timeline

1 total obs
Jun 15Jun 15

Threat Activity Heatmap

· Peak: 2026-06-15
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
50
SIGNAL
Signal Score
50%
Confidence
19
Reports
First seenMay 29, 2025
Last seenJun 15, 2026
GeolocationIN
CountryIndia
LocationFaridabad, Haryana
ASNAS9498
OrgBharti Airtel Limited
Coords20.0063, 77.0060

VirusTotal

Not checked

WHOIS

description
FNT Sentinel Real-time Intercept: SMTP brute-force detected. Reference: 2026-05-09 16:08:41.1919 Login failure: 122.184.124.46 SMTP
raw
inetnum: 122.184.0.0 - 122.187.255.255 netname: BHARTI-IN descr: BHARTI Airtel Ltd. descr: ISP Division ,AES - Carrier descr: 234 , Okhala Phase III descr: NEW DELHI descr: INDIA country: IN org: ORG-BAL1-AP admin-c: NA40-AP tech-c: NA40-AP abuse-c: AB913-AP status: ALLOCATED PORTABLE mnt-by: APNIC-HM mnt-lower: MAINT-IN-BBIL mnt-routes: MAINT-IN-BBIL mnt-irt: IRT-BHARTI-IN last-modified: 2020-07-07T05:22:00Z source: APNIC irt: IRT-BHARTI-IN address: Bharti Airtel Ltd. address: ISP Division - Transport Network Group address: 234 , Okhla Industrial Estate, address: Phase III, New Delhi-110020, INDIA e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NA40-AP tech-c: NA40-AP auth: # Filtered remarks: [email protected] remarks: [email protected] is invalid mnt-by: MAINT-IN-BBIL last-modified: 2023-05-24T13:05:19Z source: APNIC organisation: ORG-BAL1-AP org-name: Bharti Airtel Limited org-type: LIR country: IN address: Transport Network Group address: 234, Okhla Phase III phone: +911244282398 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:14:45Z source: APNIC role: ABUSE BHARTIIN address: Bharti Airtel Ltd. address: ISP Division - Transport Network Group address: 234 , Okhla Industrial Estate, address: Phase III, New Delhi-110020, INDIA country: ZZ phone: +000000000 e-mail: [email protected] admin-c: NA40-AP tech-c: NA40-AP nic-hdl: AB913-AP remarks: Generated from irt object IRT-BHARTI-IN remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2023-05-24T13:16:31Z source: APNIC person: Network Administrator nic-hdl: NA40-AP e-mail: [email protected] address: Bharti Airtel Ltd. address: ISP Division - Transport Network Group address: Plot no.16 , Udyog Vihar , Phase -IV , Gurgaon - 122015 , Haryana , INDIA address: Phase III, New Delhi-110020, INDIA phone: +91-124-4222222 fax-no: +91-124-4244017 country: IN mnt-by: MAINT-IN-BBIL last-modified: 2018-12-18T12:52:19Z source: APNIC route: 122.184.124.0/24 origin: AS9498 descr: Bharti Airtel Limited Transport Network Group 234, Okhla Phase III mnt-by: MAINT-IN-BBIL last-modified: 2024-03-11T08:50:55Z source: APNIC
references
https://github.com/telekom-security/tpotce, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 11 days ago
Appeared in 19 threat reports