122.187.234.54

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing for 122.187.234.54

*Generated via IPDebrief Analysis*

---

Key Risk Indicators

Risk Score: 80/100 (High Risk)
Threat Observations: No direct malicious indicators (no malware, phishing, or spam signals).
Network Role: Mobile network infrastructure (Airtel, India).
Abuse Density: Subnet (122.187.234.0/24) has 25% abuse density, with 1 high-risk neighbor.

---

Ownership & Geolocation

Registrar: IRT-BHARTI-IN (Bharti Airtel Ltd., India).
Location: Navsari, Maharashtra, India (approx. 6,906 km from probe).
Mobile Carrier: Airtel (MCC 404, MNC 10, LTE/5G).

---

Network & Service Profile

Open Ports: 22 (SSH), 443 (HTTPS).
Server Fingerprint: Lighttpd 1.4.45 (outdated; last update: 2016).
TLS Certificate: Self-signed, no SANs, no HSTS.
BGP Data: ASN 9498, route stability score 0.3043 (Basic).

---

Observation History

Recent Activity:

- 2026-06-17: Geolocation inferred (India, 1500 km accuracy).

- 2026-06-12: Network operator score (Basic) and HTTP server fingerprint.

Stability: Route stable over 30 days; no ownership changes.

---

Neighbor Analysis

Subnet: 122.187.234.0/24 (5 total IPs).
Risk Distribution:

- 1 high-risk neighbor (122.187.234.73, score 80).

- 2 medium-risk neighbors (score 55, 70).

- 2 low-risk neighbors.

---

Recommended Actions

1. Block the IP:

- Firewall Rules:

- `iptables -A INPUT -s 122.187.234.54 -j DROP`

- `nft add rule inet filter input ip saddr 122.187.234.54 drop`

- AWS WAF/Cloudflare WAF rules provided in response.

2. Monitor Subnet: Investigate high-risk neighbors (e.g., 122.187.234.73).

3. Review Server Configuration:

- Self-signed TLS certificate and outdated Lighttpd version pose security risks.

4. Check for Anomalies: Monitor SSH (port 22) and HTTPS traffic for unusual patterns.

---

Conclusion: While no direct malicious activity is detected, the IP’s high risk score, mobile network context, and association with a high-risk subnet warrant close monitoring and proactive mitigation. The recommendation to block the IP aligns with its elevated risk profile.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇮🇳 India
Region	Maharashtra
City	Navsāri
Timezone	—
Latitude	20.96
Longitude	77.74

🏢 Ownership & Registration

Organization	IRT-BHARTI-IN
ASN	AS9498
Network Name	BNLD-209392-NewDelhi
CIDR Block	122.187.0.0/16
RIR	APNIC
Country	IN
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	nsg-corporate-54.234.187.122.airtel.in
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`nsg-corporate-54.234.187.122.airtel.in`

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Mobile
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

Mobile

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
22	ssh	tcp	—
Closed Ports	25, 80, 3389, 8080, 8443 (2 open / 7 scanned)

Server	lighttpd/1.4.45
HTTP Title	—

🔐 TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.

⚠️

CN=localhost

Issued by CN=localhost

Self-signed: Yes

SANs	None
Valid From	2021-01-06T20:21:38+00:00
Valid Until	2031-01-04T20:21:38+00:00
TLS Protocol	Tls12
Cipher Suite	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	3650 days
Serial Number	00A118142C7C97DE52
Thumbprint	5B563FA1C9AF06F27EBD918EEB0929DD53149460

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	26%	2	3
routing	27%	2	3
services	26%	2	3
ownership	30%	3	4
reputation	17%	1	2
geolocation	30%	2	3
Overall	26%	12	18

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Fresh

First Seen	2026-05-07 23:03:36 UTC
Last Seen	2026-06-26 18:10:33 UTC
Profile Built	2026-06-24 00:48:20 UTC
Data Freshness	Fresh
Signal Types	27
Total Observations	28

🔍 27 signal types · 28 observations collected

This report is generated from 27+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

122.187.234.54📋 Copy

**Key Risk Indicators**

**Ownership & Geolocation**

**Network & Service Profile**

**Observation History**

**Neighbor Analysis**

**Recommended Actions**