← Back to feed
AS9498 BHARTI Airtel Ltd.
ASN Active mediumWhy this campaign was detected
5 IPs from the same network (BHARTI Airtel Ltd., AS9498) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS9498 · BHARTI Airtel Ltd.
Subnet
—
Country
🇮🇳 IN
Cloud Provider
—
Member Count
5 IPs
Below average
Total Events
1576
Below average by volume
Started / Ended
2026-02-18 01:11 — ongoing
Attack Types
MITRE ATT&CK Techniques
Initial Access
Discovery
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 125.21.59.218 | credential_harvester | 71% | 1x OSINT | 1347 | 3 | ssh:bruteforce | — | 2026-05-07 22:05 | evidence → |
| 125.20.210.182 | credential_harvester | 45% | 2x OSINT | 30 | 2 | ssh:bruteforce | — | 2026-05-12 00:55 | evidence → |
| 125.22.162.46 | credential_harvester | 44% | 1x OSINT | 181 | 1 | ssh:bruteforce | — | 2026-05-09 21:13 | evidence → |
| 182.95.153.122 | scanner | 42% | 14 | 3 | ssh:bruteforce | — | 2026-05-12 04:15 | evidence → | |
| 182.66.193.212 | opportunistic_bruter | 21% | 6 | 1 | ssh:bruteforce | — | 2026-05-05 20:31 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds