122.170.98.139

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 122.170.98.139

Date: 2026-06-17

---

1. Core Profile

Risk Score: High (80/100)
Ownership:

- ASN: 24560

- Organization: "Network Administrator for ABTS MUM" (APNIC registered)

- Geolocation: Mumbai, Maharashtra, India (122.170.98.139/24 subnet)

Network Role: Mobile carrier (Airtel) LTE/5G, infrastructure type: Mobile Carrier.
Threat Indicators:

- Listed in 5/8 DNSBLs (abuse confidence score: 4).

- TLS certificate with self-signed SANs (CN=dsldevice.lan) observed.

- No active malware indicators or known attacker campaigns.

---

2. Observation History

Recent Activity (2026-06-17):

- DNSBL Listings: Detected in 5 DNSBLs (high severity).

- TLS Scan: TLSv1.3 with AES-256-GCM cipher suite; server banner: "thttpd".

- DNS Resolution: Valid DNSSEC-signed record (139.98.170.122.in-addr.arpa).

- Email Security: SPF/DKIM records found for "airtelbroadband.in" (SPF: `include:airtel.com`).

---

3. Network Relationships

Subnet: 122.170.98.0/24 (ABTS-WEST-DSL-MUM).
Linked Entities:

- Same network as "ABTS-WEST-DSL-MUM" (APNIC).

- No direct relationships to known malicious organizations or domains.

---

4. Subnet Analysis

Neighbor Risk: No active IPs in the 122.170.98.0/24 subnet (abuse density: 0).
Isolation: IP appears isolated; no sibling IPs detected.

---

5. Actionable Insights

Threat Level: High risk due to DNSBL listings and self-signed TLS certificates.
SOC Recommendations:

- Monitor for outbound traffic to known malicious domains.

- Investigate TLS certificate anomalies (self-signed SANs).

- Block IP in firewall rules if associated with unauthorized access.

- Verify if device is part of a compromised mobile network (Airtel).

---

Note: No active malware or campaign indicators detected. Further investigation into DNSBL listings and TLS anomalies recommended.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇮🇳 India
Region	Maharashtra
City	Mumbai
Timezone	—
Latitude	19.07
Longitude	72.89

🏢 Ownership & Registration

Organization	Network Administrator for ABTS MUM
ASN	AS24560
Network Name	ABTS-WEST-DSL-MUM
CIDR Block	122.170.0.0/17
RIR	APNIC
Country	IN
Abuse Contact	—

🌐 DNS Intelligence

PTR	abts-mum-static-139.98.170.122.airtelbroadband.in
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`abts-mum-static-139.98.170.122.airtelbroadband.in`

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Mobile
Service Purpose	Web Server
Network Tier	Unknown — Insufficient routing data to classify

Mobile

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
8080	http-alt	tcp	—
3389	rdp	tcp	—
Closed Ports	22, 25, 80, 8443 (3 open / 7 scanned)

Server	thttpd
HTTP Title	—

🔐 TLS Certificate

🔒

CN=dsldevice.lan, OU=DHBU, O=NSB, S=SH, C=CN

Issued by CN=Nokia DHBU Root CA, O=Nokia-DHBU, C=CN

Self-signed: No

SANs	None
Valid From	2016-09-07T06:17:48+00:00
Valid Until	2036-09-02T06:17:48+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	7300 days
Serial Number	00DB8C502BACC8100B
Thumbprint	3DF47EC561D3239A7CB89544E252AD58283EB176

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	28%	2	4
routing	13%	1	1
services	31%	2	4
ownership	15%	2	2
reputation	21%	1	3
geolocation	21%	2	2
Overall	22%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mixed Signals (68%) — 2 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Geo sources disagree on country: CN, IN
⚠ TLS certificate claims CN but primary geo says IN

📅 Observation Timeline 🔄 Fresh

First Seen	2026-05-07 23:03:36 UTC
Last Seen	2026-06-26 18:10:32 UTC
Profile Built	2026-06-24 00:52:40 UTC
Data Freshness	Fresh
Signal Types	23
Total Observations	25

🔍 23 signal types · 25 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

122.170.98.139📋 Copy

**1. Core Profile**

**2. Observation History**

**3. Network Relationships**

**4. Subnet Analysis**

**5. Actionable Insights**