IPMediumSignal 52/100
128.185.218.118
Location
IndiaBengaluru, Karnataka
ASN
AS9498
Bharti Airtel Limited
First Seen
Apr 9, 2025
Last Seen
Jun 7, 2026
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
52%
Signal Score
52 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryIndia
IndiaRegionBengaluru, Karnataka
ASNAS9498
OrganizationBharti Airtel Limited
Feed Intelligence Summary
23 reports52% confidence
23
Source reports
52%
Confidence score
Category tags
abuseaccess controlaccount compromiseactive scanactive scanningactive-attackapacheapache attackeraptasiaattackattack-attemptaustraliaauthenticationauthentication-failurebad reputationbad web botblocklist_allbotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute force attemptsbrute-forcebrute_force_attackbruteforcec2c2 communicationcloud infrastructurecloud infrastructure attackcloud infrastructure targetcloud servicescloud-infrastructurecommand & controlcommand and controlcommand-and-controlcommunication protocolcowriecredential accesscredential attackcredential brute forcecredential compromise attemptcredential harvestingcredential stuffingcredential-accesscredential-dumpingcredential-harvestingdata exfiltrationdata store exposureddosddos attackddos participationdecoy systemdenial of servicedigital oceandistributed attacksemailemail-protocolenv-huntingeuropeexploit activityexploitation activityexploited hostexternal attackexternal remote servicesexternal-threatexternal_threatfinlandfnt-secure-sentinelfnt-sentinelfrancefraud voipftpftp brute forceftp brute-forceftp_scangermanyhackinghoneynet connecthttp brute forcehttp_scanidentity & access exploitationimapimap attackinindiaindicatorindicators of compromiseinitial access attemptinitial access preparationinjection activityinternet facing assetsinternet wide scaninternet-facinginternet_wide_scanipv4ipv4 addressesipv4 indicatorsipv4-addressesipv4-indicatorsipv4_scanningjapanlateral movementlogin attemptmalaysiamalicious activitymalicious domainmalicious ip addressesmalicious softwaremalicious-ipmalwarenetworknetwork attacksnetwork enumerationnetwork intrusionnetwork probingnetwork reconnaissancenetwork scanningnetwork scanning activitynetwork securitynetwork service scanningnetwork servicesnetwork traffic analysisnetwork-protocolnetwork-reconnaissancenetwork_reconnaissancenginxnorth americaoceaniapassword attackpassword attacksphishingphishing attackpolandport-scanningprocess injectionproject_gifted1protocol exploitationrdp_scanreconnaissanceremote accessremote servicesremote-accessresearchedresource hijackingsaslscams & fraudscannerscanner ipscannersscanning activitysecure shell protocolsecurity eventsecurity operationssecurity policyservice scansmb brute forcesmtpsmtp attackersmtp brute forcesmtp-attacksocial engineeringspamsshssh attackssh protocolssh-brutessh_scant1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1573t1573.001t1589.002t1590t1592t1595t1595.001t1595.002t1595.003tcp protocoltcp scantcp/iptelnet threatthreat actorthreat intelligencethreat preventionthreat_actor_unknowntokyotor nodeturkeyudp scanunauthorized accessunauthorized access attemptunauthorized-accessunited kingdomunited statesunknown threat actorunknown threat groupvulnerability scanweb app attackweb application attackweb exploitationweb spamworker_strike
Activity Timeline
Jun 7Jun 7
Threat Activity Heatmap
· Peak: 2026-06-07LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
52
SIGNAL
Signal Score
52%
Confidence
23
Reports
First seenApr 9, 2025
Last seenJun 7, 2026
GeolocationIN
CountryIndia
LocationBengaluru, Karnataka
ASNAS9498
OrgBharti Airtel Limited
Coords12.9716, 77.5946
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 128.185.128.0 - 128.185.255.0 netname: BHARTI-IN descr: BHARTI-AIRTEL country: IN admin-c: NA40-AP tech-c: NA40-AP abuse-c: AB913-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-IN-BBIL mnt-irt: IRT-BHARTI-IN last-modified: 2024-12-30T13:24:24Z source: APNIC irt: IRT-BHARTI-IN address: Bharti Airtel Ltd. address: ISP Division - Transport Network Group address: 234 , Okhla Industrial Estate, address: Phase III, New Delhi-110020, INDIA e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NA40-AP tech-c: NA40-AP auth: # Filtered remarks: [email protected] remarks: [email protected] is invalid mnt-by: MAINT-IN-BBIL last-modified: 2023-05-24T13:05:19Z source: APNIC role: ABUSE BHARTIIN address: Bharti Airtel Ltd. address: ISP Division - Transport Network Group address: 234 , Okhla Industrial Estate, address: Phase III, New Delhi-110020, INDIA country: ZZ phone: +000000000 e-mail: [email protected] admin-c: NA40-AP tech-c: NA40-AP nic-hdl: AB913-AP remarks: Generated from irt object IRT-BHARTI-IN remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2023-05-24T13:16:31Z source: APNIC person: Network Administrator nic-hdl: NA40-AP e-mail: [email protected] address: Bharti Airtel Ltd. address: ISP Division - Transport Network Group address: Plot no.16 , Udyog Vihar , Phase -IV , Gurgaon - 122015 , Haryana , INDIA address: Phase III, New Delhi-110020, INDIA phone: +91-124-4222222 fax-no: +91-124-4244017 country: IN mnt-by: MAINT-IN-BBIL last-modified: 2018-12-18T12:52:19Z source: APNIC route: 128.185.218.0/24 origin: AS9498 descr: Bharti Airtel Limited Transport Network Group 234, Okhla Phase III mnt-by: MAINT-IN-BBIL last-modified: 2024-11-30T16:13:59Z source: APNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 7 days ago
Appeared in 23 threat reports