182.72.102.106📋 Copy

# IP Intelligence Briefing: 182.72.102.106/32

Classification: High Risk Mobile Origin

Date: 2026-06-22

Analyst: IPDebrief Intelligence Division

---

## Executive Summary

IP 182.72.102.106 is a high-risk mobile-originated address associated with Bharti Airtel's infrastructure in Bengaluru, India. The address carries a risk score of 80/100 and is currently listed on multiple DNSBLs (4 of 8 total lists). No active threat indicators or known campaigns are associated with this IP. Recommended action: Implement monitoring and consider blocking based on operational risk tolerance.

---

## Risk Profile

---

## Ownership & Geolocation

• ASN: 9498 (IRT-BHARTI-IN)
• Organization: Bharti Airtel Ltd.
• Country: India (IN)
• Region: Karnataka (KA)
• City: Bengaluru
• RIR: APNIC
• Mobile Carrier: Airtel (MCC: 404, MNC: 10)
• Connection Technology: LTE/5G

---

## Network Classification

• Infrastructure Type: Residential Mobile Network
• Service Purpose: Firewalled / No Services
• Open Ports: None detected
• TLS Certificate: None
• Is Cloud/CDN/VPN/Proxy: No
• Is Tor Exit: No

---

## DNS & Reputation

• PTR Hostname: nsg-static-106.102.72.182.airtel.in
• Forward Resolution: nsg-static-106.102.72.182.airtel.in
• Domain: airtel.in
• SPF Record: Present
• DMARC Record: Present
• DNSBL Listings: 4 of 8 lists

---

## Threat Indicators

• Blacklist Count: 0
• Abuse Confidence Score: Not available
• Known Campaigns: None
• Threat Feeds: Empty
• Is Known Attacker: No
• Is Spam Source: No

---

## Control Plane Analysis

• BGP Prefix: 182.72.102.0/24
• Route Stability: Unstable
• RPKI State: Not available
• IRR Consistency: Not available
• Route Changes (30d): 0
• Operator Score: 0.1304 (Minimal)

---

## Historical Signal Analysis

21 total observations recorded. Key recent signals:

• 2026-06-22 23:36: High-severity listing activity (5 of 8 lists, max severity: high)
• 2026-06-17 19:37: Minimal operator score (0.1304)
• 2026-06-12 09:21: Geolocation inference for India (Bengaluru region, 1500km accuracy)

Temporal Assessment: Threat observation count: 1. IP is not persistently malicious based on historical patterns.

---

## Neighborhood Analysis

• Subnet: 182.72.102.106/24
• Abuse Density: 0
• Classification: Mostly Clean
• Total Siblings: 1
• Active Siblings: 0
• Threat Siblings: 1

---

## Recommended Actions

Firewall Rules

iptables:

```bash

iptables -A INPUT -s 182.72.102.106 -j DROP

```

nftables:

```bash

nft add rule inet filter input ip saddr 182.72.102.106 drop

```

nginx:

```nginx

deny 182.72.102.106;

```

pfsense:

```

182.72.102.106/32

```

Cloudflare WAF:

```json

{

"description": "Block 182.72.102.106 — IPDebrief risk score 80",

"action": "block",

"filter": {

"expression": "ip.src eq 182.72.102.106"

}

}

```

AWS WAF:

```json

{

"Addresses": ["182.72.102.106/32"],

"Description": "IPDebrief risk 80"

}

```

Monitoring Recommendations

1. Increase logging verbosity for traffic from this IP

2. Review recent activity patterns

3. Monitor for changes in DNS resolution or geolocation

4. Track subnet 182.72.102.0/24 for emerging threat activity

---

## SOC Analyst Notes

This IP originates from a mobile carrier network (Bharti Airtel) and is associated with residential mobile connections. While no active threat indicators are present, the elevated risk score and multiple DNSBL listings suggest historical abuse patterns or false positives from legitimate mobile traffic. The IP is not associated with known campaigns or attack infrastructure.

Priority: Medium — Monitor and evaluate against operational risk tolerance before implementing blocking rules.

---

*Intel generated by IPDebrief Intelligence Platform. All data sourced from live network observations and threat intelligence feeds.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.