106.222.212.34
# IPDEBRIEF THREAT INTELLIGENCE BRIEFING
Target: 106.222.212.34/32
Classification: Moderate Risk (Score: 40)
Date: Current Intelligence Cycle
---
## EXECUTIVE SUMMARY
IP 106.222.212.34 is a mobile carrier endpoint associated with Bharti Airtel Ltd. (ASN 24560), operating from India. The address exhibits a moderate risk profile (40) with minimal threat indicators. No active malicious campaigns, blacklist presence, or known attacker attribution detected. The IP is classified as mobile/residential with no open services or DNS presence.
---
## OWNERSHIP AND GEOLOCATION
- ASN: 24560 (IRT-BHARTI-MO-IN)
- Organization: Bharti Airtel Ltd.
- Country: India (IN)
- Region: Madhya Pradesh, Bhopal
- Mobile Carrier: Airtel (MCC: 404, MNC: 10)
- Connection Technology: LTE/5G
- BGP Prefix: 106.222.212.0/22
---
## THREAT ASSESSMENT
| Metric | Value | Assessment |
|---|---|---|
| Risk Score | 40 | Moderate |
| Operator Score | 0.1304 | Minimal |
| Blacklist Count | 0 | Clean |
| Abuse Confidence | Not elevated | Low |
| Known Campaigns | 0 | None |
| DNSBL Listed | 2/8 lists | Minimal |
| Threat Persistence | 0 days | No |
| Known Attacker | No | False |
| Tor Exit Node | No | False |
Threat Indicators: None detected. IP does not match any known threat feeds or campaign signatures.
---
## NETWORK BEHAVIOR
- Services: No open ports detected
- DNS: No PTR records, no forward resolution, no hosted domains
- TLS/HTTP: No certificates, no HTTP title, no banner response
- Network Role: Mobile endpoint, firewalled/no services
- Stability: Route not stable (isRouteStable: false)
- Ownership Changes: 0 (stable ownership)
---
## OBSERVATION HISTORY (18 signals)
Recent observations (June 2026):
- 2026-06-25: Operator score 0, minimal threat indicators
- 2026-06-05: Operator score 0.1304, minimal threat signals
Temporal Analysis: No evidence of increasing risk over time. Single threat observation recorded; not persistently malicious.
---
## SUBNET ANALYSIS
- Subnet: 106.222.212.0/24
- Abuse Density: Low (1/256)
- Classification: Mostly clean
- Threat Siblings: 1
- Risk Distribution: Low risk dominance
---
## NETWORK RELATIONSHIPS
12 relationships identified, all mapped to network infrastructure within the same routing domain (Bhubaneswar routing points). No cross-organization or cross-ASN associations detected.
---
## RECOMMENDED ACTIONS
Risk-Based Blocking Recommended: Risk score 40 warrants defensive blocking on ingress.
Firewall Rules:
```bash
# iptables
iptables -A INPUT -s 106.222.212.34 -j DROP
# nftables
nft add rule inet filter input ip saddr 106.222.212.34 drop
# nginx
deny 106.222.212.34;
# pfSense
106.222.212.34/32
# Cloudflare WAF
Expression: ip.src eq 106.222.212.34
Action: block
# AWS WAF
Addresses: 106.222.212.34/32
Description: IPDebrief risk 40
```
---
## INTELLIGENCE JUDGMENT
This IP represents a mobile carrier endpoint with moderate risk classification. The absence of open services, no blacklist presence, and clean threat indicators suggest benign mobile traffic patterns. The risk score of 40 is elevated primarily through control plane metrics and BGP routing instability rather than active threat activity. Recommend blocking as defensive measure but with awareness this is a legitimate mobile carrier IP.
Confidence Level: High (data sufficiency: 13/18 dimensions covered)
Priority: Medium (proactive defense, not immediate threat)
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-BHARTI-MO-IN |
| ASN | AS24560 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 20% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 19% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 17% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-08 17:17:26 UTC |
| Last Seen | 2026-06-25 08:01:51 UTC |
| Profile Built | 2026-06-25 08:09:45 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 16 |
Full dossier details are available via our API.