IOC Radar
IP · Medium · Signal 70/100

45.122.123.84

Location: India (Delhi, UP)
ASN: AS134375 (FusionNet)
First Seen: Sep 13, 2022 (1370d ago)
Last Seen: Apr 5, 2026 (70d ago)
Reports: 24 source reports
Confidence: 70% (medium)
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 70%
Signal Score: 70 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

54 techniques

Network Information

Country: IN (India)
Region: Delhi, UP
ASN: AS134375
Organization: FusionNet

Feed Intelligence Summary

Source reports: 24
Confidence score: 70%
Category tags
abuse, abuseipdb, access control, account compromise, active scan, active scanning, aerospace & defense, apt, asia, attack, attacker ip, attacker ips, australia, australia network activity, auto-generated security, automated attacks, automotive manufacturing, bad reputation, blacklist candidate, blacklisted ip, botnet, botnet activity, botnet activity detected, brute force, brute force attack, c2, c2 communication, cert, civil services, cloud infrastructure, cloud infrastructure attack, cloud services, command & control, command and control, communication protocol, compromised host, compromised hosts, cowrie honeypot, credential access, credential guessing, credential harvesting, credential stuffing, cta, cyber security, data encryption, data exfiltration, data store exposure, database attack, database security, ddos, ddos attack, ddos attacks, decoy system, defense, defense contracting, defense logistics, defense systems, defense technology, dionaea honeypot, distributed attacks, electronics manufacturing, encryption, europe, exploit, exploitation activity, exploited host, external ip, fatt, finland, france, ftp, ftp brute force, germany, government technology, hacking, honeynet connect, honeytrap honeypot, http brute force, http scanner, identity & access exploitation, in, india, indicator, industrial automation, industrial iot, industrial production, infrastructure acquisitionreconnaissance, injection activity, injection attacks, internet of things, intrusion detection, ioc, iot botnet, iot security, iot/ics attack, ipv4, lateral movement, login attempt, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware communication, malware distribution, manual, manufacturing technology, military operations, mirai botnet, mssql, national security, network, network attacks, network enumeration, network intrusion, network intrusion attempt, network intrusion attempts, network probe, network probing, network protocol, network reconnaissance, network scan, network scanning, network security, nextray, north america, oceania, p0f, password attack, password attacks, phishing, phishing attack, phishing trap, poland, process injection, process manufacturing, protocol exploitation, public administration, public infrastructure, public policy, quality control, ransomware, rat, reconnaissance, redpiranha, reference, regulatory agencies, remote access, remote services, researched, resource hijacking, scan, scanner, scanning activity, scripting attacks, security operations, security policy, sensor-tagged, sentrypeer botnet, sip scanning, sipvicious scan, smb brute force, smtp, smtp brute force, social engineering, socradar, spam, ssh attack, ssh monitoring, ssh scanning, supply chain attack, supply chain management, t1003, t1018, t1021, t1021.001, t1021.002, t1021.003, t1021.004, t1021.005, t1040, t1046, t1055, t1059, t1059.001, t1059.003, t1059.004, t1059.007, t1068, t1071, t1071.001, t1076, t1077, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1203, t1204.002, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1550.003, t1562, t1563, t1565, t1566.001, t1566.002, t1566.003, t1573, t1587.001, t1590.001, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp protocol, tcp scan, telecommunications, telnet, threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tpot, traffic anomaly, udp scan, unauthorized access attempt, united states, unknown threat actor, voip, voip attack, vulnerability scan, web attack, web exploitation, web traffic

Activity Timeline

1 total obs (Apr 5)

Threat Activity Heatmap

Peak: 2026-04-05
Activity by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: 70 (Medium Risk)
Geolocation: IN, India (Delhi, UP)
Coords: 26.4969, 80.3246

VirusTotal

Not checked

WHOIS

description
IPV4 hosts detected attempting to brute force MSSQL on private honeypot
raw
inetnum: 45.122.123.0 - 45.122.123.255
netname: FWSPL-IN
descr: FusionNet
country: IN
admin-c: FWSP1-AP
tech-c: FWSP1-AP
abuse-c: AF595-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-FWSPL-IN
mnt-irt: IRT-FWSPL-IN
last-modified: 2021-05-04T13:23:03Z
source: APNIC
irt: IRT-FWSPL-IN
address: 711/92, Deepali, Nehru Place,, New Delhi, New Delhi Delhi 110019
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: FWSP1-AP
tech-c: FWSP1-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-07-10
mnt-by: MAINT-FWSPL-IN
last-modified: 2025-07-10T15:14:21Z
source: APNIC
role: ABUSE FWSPLIN
country: ZZ
address: 711/92, Deepali, Nehru Place,, New Delhi, New Delhi Delhi 110019
phone: +000000000
e-mail: [email protected]
admin-c: FWSP1-AP
tech-c: FWSP1-AP
nic-hdl: AF595-AP
remarks: Generated from irt object IRT-FWSPL-IN
remarks: [email protected] was validated on 2025-07-10
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-07-10T15:15:06Z
source: APNIC
role: Fusionnet Web Services Private Limited administrat
address: 711/92, Deepali, Nehru Place,, New Delhi, New Delhi Delhi 110019
country: IN
phone: +91-9643315222
fax-no: +91-9643315222
e-mail: [email protected]
admin-c: FWSP1-AP
tech-c: FWSP1-AP
nic-hdl: FWSP1-AP
mnt-by: MAINT-FWSPL-IN
last-modified: 2015-07-09T00:33:37Z
source: APNIC
route: 45.122.123.0/24
descr: FusionNet
origin: AS134375
mnt-by: MAINT-FWSPL-IN
last-modified: 2015-08-25T06:43:00Z
source: APNIC
references
https://github.com/telekom-security/tpotce, https://redpiranha.net, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, http://cinsscore.com/list/ci-badguys.txt, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4, https://jamesbrine.com.au/vultrwarsaw-mssql-bruteforce-ip-list-2023-09-29/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrwarsaw-mssql-bruteforce-ip-list-2023-08-22/
