122.160.80.105
IP Intelligence Briefing: 122.160.80.105
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Provider: Bharti Airtel Ltd. (ASN 24560)
- Geolocation: Delhi, India (National Capital Territory)
- Network Role: Mobile Carrier (LTE/5G)
- Threat Indicators:
- Listed in 6/8 DNSBLs (high abuse confidence).
- No direct malware, phishing, or campaign indicators.
---
**2. Network Context**
- Subnet: 122.160.80.0/24
- Subnet Abuse Density: 0% (no active malicious neighbors).
- Mobile Carrier: Airtel (MCC 404, MNC 10)
- DNS Association:
- Hostname: `abts-north-static-105.80.160.122.airtelbroadband.in`
- SPF/DMArc configured (no email domain hosted).
---
**3. Threat Observations**
- Historical Listings:
- Consistently listed in 6 DNSBLs (e.g., Spamhaus, Project Honey Pot) since 2026-06-02.
- No correlation with known campaigns or C2 servers.
- Geolocation Plausibility: Low (inferred via multi-signal inference).
---
**4. Relationships**
- Linked Entities:
- Same network: `ABTS-DSl-DEL` (repeated 24x in relationships).
- DNS hostname: `abts-north-static-105.80.160.122.airtelbroadband.in` (multiple associations).
- No External Threat Links: No connections to organizations, certificates, or subnets flagged as malicious.
---
**5. Recommendations**
- Block/Rate Limit: Implement firewall rules to block or rate limit traffic from this IP (via iptables/nftables, AWS WAF, etc.).
- Monitor Subnet: Track activity on the 122.160.80.0/24 subnet for anomalies, despite low abuse density.
- Verify DNSBL Context: Investigate why this mobile carrier IP is listed in DNSBLsโpotential false positives or misconfigurations.
- Check for Anomalies: Monitor for unexpected outbound connections or DNS queries from this IP.
---
Conclusion:
This IP is a high-risk mobile carrier address associated with Bharti Airtel, listed in multiple DNSBLs. While no direct malicious activity is observed, its persistent blacklisting warrants further investigation. SOC teams should prioritize blocking the IP and monitoring related network segments for potential compromise.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-BHARTI-IN |
| ASN | AS24560 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | abts-north-static-105.80.160.122.airtelbroadband.in |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | abts-north-static-105.80.160.122.airtelbroadband.in |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 24% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-07 23:03:36 UTC |
| Last Seen | 2026-06-26 18:10:32 UTC |
| Profile Built | 2026-06-24 00:54:53 UTC |
| Data Freshness | Fresh |
| Signal Types | 21 |
| Total Observations | 22 |
Full dossier details are available via our API.