223.237.152.58
IP Intelligence Briefing: 223.237.152.58
Date: 2026-06-12
---
**1. Core Profile**
- Risk Score: Low Risk (0/100)
- Ownership:
- ASN: 45609 (BHARTI-MOBILITY-AS-AP)
- Organization: Bharti Airtel Ltd. (India)
- Subnet: 223.237.128.0/19
- Geolocation:
- Country: United States (flagged as plausible but inconsistent with ASN origin)
- City: Newark, NJ
- Threat Indicators:
- No active malicious campaigns, spam, or known attacker associations.
- No DNSBL listings or TLS certificate anomalies.
- Network Role:
- Firewalled / No Services (no open ports or HTTP/TLS services detected).
- Likely infrastructure IP (e.g., internal network, CDN, or carrier backbone).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- Threat Feed Signals: 12 observations, including:
- 1 high-severity listing (confidence: 85%) with unknown source.
- DNSSEC validation confirmed.
- ASN allocation details (2010-09-14) from Team-Cymru.
- No confirmed malicious activity (minimal risk score).
- Geolocation Discrepancy: IP flagged as "plausible" in the US, but ASN originates from India. Potential misattribution or network routing anomaly.
---
**3. Relationships**
- Linked Entities:
- Same network: "WHITEFIELD-BANGLORE-KK" (likely a sibling subnet).
- No direct links to organizations, domains, or certificates.
- Behavioral Notes:
- No email authentication records (SPF/DKIM) or HTTP server banners.
- No WAF violations or honeypot hits detected.
---
**4. Neighborhood Analysis**
- Subnet: 223.237.152.58/24
- Neighbor Data:
- Total Siblings: 0 (no neighboring IPs identified).
- Abuse Density: 0% (no risky siblings or compromised hosts).
- Network Context:
- Subnet appears isolated or under strict segmentation.
---
**5. Recommendations**
- Monitoring:
- Validate geolocation discrepancy (potential routing misattribution).
- Monitor for unexpected DNS changes or subnet activity.
- Mitigation:
- No immediate firewall rules or blocking required based on current data.
- Consider correlating with BHARTI-MOBILITY-AS-AP's network behavior if anomalies arise.
Conclusion: This IP appears to be a low-risk infrastructure asset with no confirmed malicious activity. However, the geolocation inconsistency and sparse neighbor data warrant further investigation into potential routing anomalies or network misconfigurations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-BHARTI-MO-IN |
| ASN | AS45609 |
| Network Name | WHITEFIELD-BANGLORE-KK |
| CIDR Block | 223.237.128.0/19 |
| RIR | APNIC |
| Country | IN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 6% | 3 | 4 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-31 11:14:34 UTC |
| Last Seen | 2026-06-12 07:29:53 UTC |
| Profile Built | 2026-06-12 07:39:53 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 16 |
Full dossier details are available via our API.