IPDebrief

213.160.180.247

IP Intelligence Dossier
Witness AI: This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 213.160.180.247/32

Date: 2026-06-23

Classification: High Risk Residential DSL

---

## EXECUTIVE SUMMARY

The IP address 213.160.180.247 is classified as High Risk (Risk Score: 70) with no active services detected. The address is associated with Telecom.sk residential DSL infrastructure in Pezinok, Slovakia, and appears on 4 of 8 DNSBLs with "high" severity ratings. While the /24 subnet shows zero abuse density, this isolated IP has been flagged for malicious activity.

---

## OWNERSHIP & GEOLOCATION

---

## THREAT INDICATORS

---

## NETWORK ANALYSIS

---

## OBSERVATION HISTORY

- 2026-06-23: Blacklist listing detected (8 lists, 3 active, max severity: high)

- 2026-06-18: ASN allocation confirmed, routing stable

---

## NEIGHBORHOOD ANALYSIS

---

## RELATIONSHIP MAPPING

---

## RECOMMENDED ACTIONS

| Priority | Action | Justification |
| --- | --- | --- |
| **HIGH** | Monitor inbound/outbound traffic | High-risk classification with blacklist presence |
| **MEDIUM** | Add to monitoring blocklist | 4 DNSBL listings with high severity |
| **LOW** | Consider temporary block | Subnet shows clean abuse density, suggesting isolated incident |
| **MEDIUM** | Investigate source of traffic | Residential DSL with no legitimate services |

---

## ANALYST NOTES

This IP represents a residential DSL connection that has been flagged for malicious activity despite being on an otherwise clean subnet. The lack of open services suggests either a compromised residential device or a connection used for outbound attacks. Given the subnet's clean abuse density, this may warrant monitoring rather than aggressive blocking. The DNSBL presence indicates prior abuse history, but the absence of persistent malicious activity patterns suggests the threat may be contained or intermittent.

SOC Team: Monitor for patterns; do not assume sustained threat.


Geolocation

- Country: Slovakia
- Region: TA
- City: Velke Ulany
- Timezone: -
- Latitude: 48.16
- Longitude: 17.57

Ownership & Registration

- Organization: Jan Katuska
- ASN: AS6855
- Network Name: -
- CIDR Block: 213.160.160.0/19
- RIR: RIPE
- Country: -
- Abuse Contact: Available via RDAP

DNS Intelligence

- PTR: static-dsl-247.213-160-180.telecom.sk
- Forward Confirmed: Yes (FCrDNS verified)
- Forward Hostnames: static-dsl-247.213-160-180.telecom.sk

DNS Hygiene

- Hygiene Score: 80% (Excellent)
- SPF: Present
- DMARC: Present
- FCrDNS: Verified
- DNSSEC: Valid
- CAA: Not configured

Network Classification

- Infrastructure: Unknown
- Service Purpose: Firewalled / No Services
- Network Tier: Tier 3 (Basic operator with some routing infrastructure)
- No specific classification

Services & Open Ports

| Port | Service | Protocol | Banner |
| --- | --- | --- | --- |
| No open ports detected | | | |

- Closed Ports: 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
- Server: -
- HTTP Title: -

TLS Certificate

No certificate

- Issued by: -
- N/A
- SANs: None
- Valid From: -
- Valid Until: -

Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
| --- | --- | --- | --- |
| threat | 39% | 2 | 5 |
| routing | 32% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 26% | 3 | 4 |
| reputation | 23% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 25% | 11 | 18 |

- Coverage: 6/6 dimensions · Data sufficiency: sufficient
- Data Coherence: Consistent (100%)
- Attribution: Moderate (70%)
- Ownership · FCrDNS · Geo Consensus · Geo Plausible · IRR Match · RPKI Valid

Observation Timeline (Live)

- First Seen: 2026-05-07 23:04:11 UTC
- Last Seen: 2026-06-23 07:22:59 UTC
- Profile Built: 2026-06-23 07:31:09 UTC
- Data Freshness: Live
- Signal Types: 26
- Total Observations: 27
This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.

About This Report

All data shown is publicly available network metadata; IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.