182.95.181.214

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 182.95.181.214

Date: 2026-06-17

---

1. Core Profile

Risk Score: 80 (High Risk)
Ownership: Assigned to Bharti Airtel Ltd. (AS9498), a major Indian telecom provider.
Geolocation: India (New Phase III), inferred with 1500km accuracy. No exact coordinates.
Network Role: Mobile network (LTE/5G), likely a mobile device or carrier infrastructure.
Services: Open SSH (port 22) with banner "Exceeded MaxStartups," no TLS/http services.
Threat Indicators:

- Listed in 5+ DNSBLs (8 total lists).

- Observed in 15+ threat feeds (e.g., Alienvault OTX) with high-severity pulses.

- No direct malware or campaign associations.

---

2. Observation History

Recent Activity (2026-06-17):

- Detected in 16 signals, including:

- Threat Feeds: 5 high-severity listings (e.g., spam, phishing).

- Network Scans: SSH port open, no TLS/http services.

- Geolocation: Inferred as India (20.59°N, 78.96°E).

- Stability: Route instability detected (unstable BGP prefix).

- No Persistent Malicious Activity: No long-term threat persistence.

---

3. Relationships

Network Affiliation:

- Subnet 182.95.128.0/17 (Bharti Airtel).

- Linked to BHARTI-IN (AS9498) via multiple routes.

Connections:

- 17 relationships, all tied to the same network (BHARTI-IN).

- No external organizations, domains, or certificates linked.

---

4. Neighborhood Analysis

Subnet: 182.95.181.214/24
Abuse Density: 85.7% (high risk).
Neighbors:

- 7 IPs in the subnet, 6 with riskScore ≥ 80 (e.g., 182.95.181.22, 182.95.181.34).

- 1 low-risk IP (182.95.181.6).

Inherited Risk: 10 (moderate).

---

5. Recommendations

Monitoring: Continuously monitor for SSH brute-force attempts or unexpected network activity.
Firewall Rules: Block the IP if it persists in threat feeds or shows malicious behavior.
Subnet Review: Investigate the 182.95.181.0/24 subnet for potential lateral movement or shared infrastructure risks.
Mobile Device: Given the mobile carrier context, consider it a mobile device (e.g., IoT, user device) rather than a static host.

---

Conclusion: This IP is associated with a high-risk mobile network and has a history of threat feed listings. While no direct malicious activity is observed, its subnet exhibits significant abuse density, warranting close monitoring.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇮🇳 India
Region	New
City	Phase III
Timezone	—
Latitude	22.00
Longitude	79.00

🏢 Ownership & Registration

Organization	IRT-BHARTI-IN
ASN	AS9498
Network Name	BHARTI-IN
CIDR Block	182.95.128.0/17
RIR	APNIC
Country	IN
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Mobile
Service Purpose	Single-Service Host
Network Tier	Unknown — Insufficient routing data to classify

Mobile

🔌 Services & Open Ports

Port	Service	Protocol	Banner
22	ssh	tcp	Exceeded MaxStartups
Closed Ports	25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	36%	2	4
routing	13%	1	1
services	15%	2	2
ownership	27%	2	3
reputation	17%	1	2
geolocation	32%	2	3
Overall	23%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:59 UTC
Last Seen	2026-06-22 23:50:19 UTC
Profile Built	2026-06-22 23:55:41 UTC
Data Freshness	Live
Signal Types	18
Total Observations	20

🔍 18 signal types · 20 observations collected

This report is generated from 18+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

182.95.181.214📋 Copy

**1. Core Profile**

**2. Observation History**

**3. Relationships**

**4. Neighborhood Analysis**

**5. Recommendations**