122.168.199.151 Threat Intelligence and Host Information

Sep 11, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 122.168.199.151 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 63/100

Host and Network Information

Mitre ATT&CK IDs: T1046 - Network Service Scanning, T1090 - Proxy, T1110 - Brute Force, T1566 - Phishing, T1583.005 - Botnet
Tags: attack, babuk, bianlian, blackcat, Blacklist, cyber security, dark, dark web, december, DNSBL, egregor, hunter, ioc, italian mario, july, june, lockbit, login, malicious, mario, mega, megacortex, Nextray, noescape, paulsan, phishing, ransomhouse, resecurity, samsam, scanner, scanners, SPAM, ssh, SSH, Telnet, vultr, white rabbit
View other sources: Spamhaus VirusTotal

Country: India
Network:
Noticed: 50 times
Protocols Attacked: ssh
Countries Attacked: Belgium, Canada, China, Czechia, Denmark, Estonia, France, Germany, India, Italy, Korea Republic of, Latvia, Lithuania, Norway, Poland, Romania, Singapore, Taiwan, Thailand, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: synoinstall-i4mj3p76ptz1xlzf.direct.quickconnect.to

Open Ports Detected

104 3389 80

CVEs Detected

CVE-2015-9251 CVE-2019-11358 CVE-2020-11022 CVE-2020-11023

Map

Whois Information

inetnum: 122.168.0.0 - 122.168.255.255
netname: ABTS-DSL-MPCG
descr: 1 Malviya Nagar,
descr: Bhopal
descr: Madhya Pradesh
descr: India
descr: Contact Person: DSL TAC
descr: Email: DSLTAC2NORTH.UNOC@airtel.com
descr: Phone :- +91- 0755-4200253
descr: Date of allocation:03-apr-08
country: IN
geoloc: 23.240122 77.406257
admin-c: MP398-AP
tech-c: MP398-AP
abuse-c: AB914-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-IN-TELEMEDIA
mnt-lower: MAINT-IN-TELEMEDIA
mnt-routes: MAINT-IN-TELEMEDIA
mnt-irt: IRT-BHARTI-TELEMEDIA-IN
last-modified: 2021-03-31T13:02:46Z
irt: IRT-BHARTI-TELEMEDIA-IN
address: Bharti Airtel Ltd.
e-mail: shankar.B@airtel.com
abuse-mailbox: dsltac2north.unoc@airtel.com
admin-c: NS282-AP
tech-c: NS282-AP
mnt-by: MAINT-IN-TELEMEDIA
last-modified: 2025-09-04T01:01:41Z
role: ABUSE BHARTITELEMEDIAIN
country: ZZ
address: Bharti Airtel Ltd.
phone: +000000000
e-mail: shankar.B@airtel.com
admin-c: NS282-AP
tech-c: NS282-AP
nic-hdl: AB914-AP
abuse-mailbox: dsltac2north.unoc@airtel.com
mnt-by: APNIC-ABUSE
last-modified: 2025-08-03T10:17:17Z
person: Network Administrator for ABTS MP
address: Bharti Airtel Ltd
address: 3rd, FLoor Metro Towers, Scheme No 54
address: Vijay Nagar Indore, MP
country: IN
phone: +911244164791
e-mail: ang.ipadmin@airtel.com
nic-hdl: MP398-AP
mnt-by: MAINT-IN-TELEMEDIA
last-modified: 2017-11-02T10:59:34Z
route: 122.168.199.0/24
descr: BHARTI-IN
descr: Bharti Tele-Ventures Limited
descr: Class A ISP in INDIA .
descr: 234 , OKHLA PHASE III ,
descr: NEW DELHI
descr: INDIA
country: IN
origin: AS24560
mnt-by: MAINT-IN-BBIL
last-modified: 2008-09-04T07:55:27Z

Links to attack logs

vultrwarsaw-ssh-bruteforce-ip-list-2023-07-30 ****** bruteforce-ip-list-2022-07-28 bruteforce-ip-list-2022-05-02 ****** ****** vultrwarsaw-ssh-bruteforce-ip-list-2022-08-09

Share on: