2.203.100.16
IP Intelligence Briefing: 2.203.100.16/32
*Generated via IPDebrief Comprehensive Analysis*
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: Vodafone Germany IP Core Backbone (ASN 3209)
- Geolocation: Saxony, Germany (51.17°N, 10.45°E)
- Network Role: Mobile LTE/5G connection (Vodafone GmbH)
- Subnet: 2.203.100.16/24 (clean, no abuse density)
---
**2. Threat & Activity**
- Malicious Indicators: None detected (no malware, phishing, or spam associations).
- DNS:
- PTR hostname: `dslb-002-203-100-016.002.203.pools.vodafone-ip.de`
- SPF record present; no DMARC or CAA records.
- Services: No open ports or TLS certificates observed.
- Historical Signals:
- 2 observations (0.85 confidence) of DNS listings (truncated).
- No persistent malicious activity or ownership changes.
---
**3. Network Relationships**
- Linked Entities:
- DNS associations with Vodafoneβs internal infrastructure.
- Same network: `DE-ARCOR-20170524` (Vodafoneβs ASN 3209).
- Subnet: 2.203.100.16/24 (0 active/ε¨θ siblings).
---
**4. Neighbors & Subnet**
- Neighbors: No sibling IPs found in the /24 subnet.
- Abuse Density: 0% (clean subnet).
---
**5. Security Recommendations**
- Firewall Rules:
- iptables: `iptables -A INPUT -s 2.203.100.16 -j DROP`
- nftables: `nft add rule inet filter input ip saddr 2.203.100.16 drop`
- Cloudflare WAF: Block IP with rule `{ "action": "block", "expression": "ip.src eq 2.203.100.16" }`
- Monitoring: Track DNS activity and verify if the IP is associated with any emerging threats.
---
**6. Summary**
The IP 2.203.100.16 is a legitimate Vodafone mobile broadband connection in Germany. No malicious activity or network threats were detected. While the risk score is moderate, the subnet is clean, and no immediate action is required. Monitor for unexpected DNS or service changes.
*End of Briefing*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Vodafone Germany IP Core Backbone |
| ASN | AS3209 |
| Network Name | β |
| CIDR Block | β |
| RIR | RIPE |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | dslb-002-203-100-016.002.203.pools.vodafone-ip.de |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | dslb-002-203-100-016.002.203.pools.vodafone-ip.de |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-12 21:54:49 UTC |
| Last Seen | 2026-06-26 18:11:02 UTC |
| Profile Built | 2026-06-14 23:36:36 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.