IPDebrief

122.187.229.43

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 122.187.229.43

Date: 2026-06-07

---

**1. Overview**

---

**2. Key Findings**

- Part of Bharti Airtelโ€™s network (MCC 404, MNC 10).

- LTE/5G technology, likely corporate or enterprise use.

- Linked to `nsg-corporate-43.229.187.122.airtel.in` (PTR record).

- SPF and DMARC records configured for email security.

- Subnet: `122.187.229.0/24`

- Abuse Density: 75% (12/16 neighbors flagged as high/medium risk).

- High-risk neighbors include IPs with scores up to 80 (e.g., 122.187.229.12, 122.187.229.59).

- Stable ownership (no recent changes).

- Minimal risk signals over the past 30 days.

- No persistent malicious activity or campaign correlations.

---

**3. Threat & Security Context**

- No malicious indicators, spam, or blacklisted activity.

- No TLS certificates or open services detected.

- High abuse density in the subnet suggests potential for lateral movement or compromised neighbors.

- Monitor high-risk neighbors (e.g., 122.187.229.12, 122.187.229.59) for suspicious behavior.

- Geolocation data matches India, with plausible routing paths.

---

**4. Recommendations**

- Track high-risk neighbors in the `122.187.229.0/24` subnet for unusual traffic patterns.

- Validate DNS associations with `airtel.in` domains for potential spoofing risks.

- Consider blocking high-risk neighbors (e.g., 122.187.229.12, 122.187.229.59) if they are not required assets.

- Implement egress filtering for traffic to Bharti Airtelโ€™s network (ASN 9498).

- Correlate with internal logs to verify if this IP is part of a larger network segment.

---

Source: IPDebrief Threat Intelligence Platform

Note: This IP appears to be a legitimate mobile carrier asset, but its subnet contains a significant number of high-risk IPs. Prioritize monitoring and segmentation for mitigated risk exposure.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฎ๐Ÿ‡ณ India
RegionMaharashtra
CityNavsฤri
Timezoneโ€”
Latitude20.96
Longitude77.74

๐Ÿข Ownership & Registration

OrganizationIRT-BHARTI-IN
ASNAS9498
Network NameBNLD-209392-NewDelhi
CIDR Block122.187.0.0/16
RIRAPNIC
CountryIN
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRnsg-corporate-43.229.187.122.airtel.in
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnamesnsg-corporate-43.229.187.122.airtel.in

๐Ÿ” DNS Hygiene

Hygiene Score40% (Fair)
SPFPresent
DMARCPresent
FCrDNSNot verified
DNSSECNot signed
CAANot configured

โ˜๏ธ Network Classification

InfrastructureMobile
Service PurposeWeb Server
Network TierUnknown โ€” Insufficient routing data to classify
Mobile

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
443httpstcpโ€”
22sshtcpโ€”
Closed Ports25, 80, 3389, 8080, 8443 (2 open / 7 scanned)
Serverlighttpd/1.4.64
HTTP Titleโ€”

๐Ÿ” TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.
โš ๏ธ
CN=localhost
Issued by CN=localhost
Self-signed: Yes
SANsNone
Valid From2024-05-21T18:26:24+00:00
Valid Until2034-05-19T18:26:24+00:00
TLS ProtocolTls13
Cipher SuiteTLS_CHACHA20_POLY1305_SHA256
Signature Algorithmsha256RSA
Validity Period3650 days
Serial Number25896DE94290AF050BF16D49423566E8B0F8C2B9
ThumbprintF5DD852C06DEFC30AB53AFBA525A90105C1E7A04

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
13%
11
routing
13%
11
services
13%
11
ownership
27%
23
reputation
13%
11
geolocation
13%
11
Overall16%78
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-16 08:55:50 UTC
Last Seen2026-06-07 20:24:27 UTC
Profile Built2026-06-07 21:03:30 UTC
Data FreshnessLive
Signal Types23
Total Observations23
๐Ÿ” 23 signal types ยท 23 observations collected
This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.