IP Intelligence Briefing: 128.185.225.150
*Generated via IPDebrief Tools*
---
**1. Risk Profile**
- Overall Risk Score: 70 (High Risk)
- Provider Score: 0 (Unverified)
- Authority Score: 0 (Unverified)
- Network Role: Mobile device (Airtel LTE/5G)
- Threat Indicators:
  - Listed in 4/8 DNSBLs (high severity).
  - No direct malware, phishing, or exploit indicators.
- DNSSEC validation: Enabled.
---
**2. Ownership & Geolocation**
- ASN: 9498 (IRT-BHARTI-IN, telecom provider in India).
- Geolocation:
  - Country: India (IN)
  - Latitude: 20.59, Longitude: 78.96 (approximate).
  - Accuracy radius: 1,500 km.
- Mobile Carrier: Bharti Airtel Ltd. (MCC 404, MNC 10).
---
**3. Observation History**
- Latest Activity: June 2026.
- Key Trends:
  - DNSBL Listings: 4 high-severity blacklists (e.g., Spamhaus, Project Honey Pot).
  - Network Stability: Route instability detected (0.1304 operator score).
  - Geolocation Consistency: Plausible but approximate.
---
**4. Relationships & Network Context**
- Subnet: 128.185.225.0/24.
- Neighbor IPs:
  - 128.185.225.78: Risk score 80 (High Risk).
- Shared Network: Part of BHARTI-IN (IRT-BHARTI-IN).
- Abuse Density: Subnet has 1 abuse report (low density).
---
**5. Actionable Insights**
- Threat Vector: Potential spam or phishing activity due to DNSBL listings.
- Mobile Device: Likely a residential/mobile hotspot; monitor for unusual traffic patterns.
- Neighbor Risk: Adjacent IP (128.185.225.78) is higher risk; investigate potential clustering.
- Recommendations:
  - Block or monitor traffic from this IP due to DNSBL associations.
  - Validate geolocation accuracy for potential spoofing.
  - Check for subnet-wide abuse patterns.
---
Conclusion: This IP is associated with a high-risk mobile carrier and appears in multiple DNSBLs. While no direct malicious activity is detected, its DNSBL listings and subnet neighbors warrant further monitoring. SOC teams should prioritize validating geolocation and assessing network behavior for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IRT-BHARTI-IN |
| ASN | AS9498 |
| Network Name | - |
| CIDR Block | 128.185.225.0/24 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown: Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.8 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 37% | 2 | 3 |
| routing | 32% | 2 | 3 |
| services | 18% | 2 | 2 |
| ownership | 32% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 29% | 12 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:39 UTC |
| Last Seen | 2026-06-22 13:17:59 UTC |
| Profile Built | 2026-06-22 13:46:39 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.