182.95.115.194
IP Intelligence Briefing: 182.95.115.194
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 70/100 (High Risk)
- Ownership:
- ASN: 9498
- Organization: IRT-BHARTI-IN (Bharti Airtel Ltd., India)
- Geolocation: Delhi, India (Phase III, New)
- Network Role: Mobile device (LTE/5G)
- Threat Indicators: No direct malicious activity detected (no malware, spam, or known campaigns).
---
**2. Network & Mobile Context**
- Mobile Carrier: Bharti Airtel (MCC 404, MNC 10)
- Services:
- Open SSH port (22/tcp) with banner: `SSH-2.0-OpenSSH_8.9`
- No TLS certificates or HTTP services detected.
- Subnet: 182.95.115.194/24 (low abuse density, no active neighbors).
---
**3. Threat & Risk Observations**
- Historical Signals:
- Mixed geolocation data (inferred via multi-signal inference).
- No persistent threat activity; 1 observation of potential abuse (4/8 DNSBL listings).
- Relationships:
- Linked to BHARTI-IN network (same ASN and organization).
- No correlated IPs or campaigns detected.
---
**4. Recommended Actions**
- Block IP:
- iptables: `iptables -A INPUT -s 182.95.115.194 -j DROP`
- Cloudflare WAF: Block IP with description "IPDebrief risk 70".
- AWS WAF: Add `182.95.115.194/32` to a new rule.
- Monitoring: Increase logging verbosity for this IP due to elevated risk.
---
**5. Summary**
This IP is registered to Bharti Airtel, associated with a mobile LTE/5G device. While no direct malicious indicators are present, its high risk score and open SSH port suggest potential exploitation risks. Block the IP across security systems and monitor for unusual activity.
SOC Analyst Note: Verify context with internal threat intelligence and consider isolating the host if this IP is part of a larger network segment.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-BHARTI-IN |
| ASN | AS9498 |
| Network Name | BHARTI-IN |
| CIDR Block | 182.95.0.0/17 |
| RIR | APNIC |
| Country | IN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.9 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:03:59 UTC |
| Last Seen | 2026-06-26 18:10:52 UTC |
| Profile Built | 2026-06-22 23:50:15 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |
Full dossier details are available via our API.