IP Intelligence Briefing: 213.225.8.28/32
*Generated via IPDebrief tools (June 3, 2026)*
---
1. Risk Profile
- Overall Risk Score: 25 (Low Risk)
- Threat Indicators: No malicious activity, spam, or known attacker associations detected.
- Network Classification: Firewalled / No Services (no open ports, no TLS/HTTP services).
- Geolocation: Vienna, Austria (AT). Coordinates: 47.52°N, 14.55°E.
- Ownership: AS8447-MNT (RIPE-registered). Abuse contact available via RDAP.
---
2. Network & DNS Analysis
- DNS: Resolves to `213-225-8-28.nat.highway.a1.net`. SPF/DMARC records present.
- Subnet: 213.225.8.28/24. Subnet abuse density: 1 (mostly clean).
- Neighbors: 1 high-risk sibling IP (213.225.8.182, risk score 0/100).
---
3. Historical Observations
- Scan Activity: Detected 6 ports scanned (June 3, 2026). No open services reported.
- Geolocation Consistency: Confirmed via 2 signals (accuracy ±200 km).
- Network Stability: BGP route stability score: 0.26 (Basic operator rating).
---
4. Relationships & Threat Context
- Linked Entities:
  - DNS hostname: `213-225-8-28.nat.highway.a1.net`
  - Shared network: AT-TELEKOM-991110 (multiple instances).
- Threat Feeds: No blacklist or campaign associations.
---
5. Security Recommendations
- Monitor Neighbor: IP 213.225.8.182 shows higher risk (score 0) but no direct threats to 213.225.8.28.
- Verify DNSSEC: Ensure DNS validation is enforced for subnets under AS8447.
- Firewall Rules: Block 213.225.8.182 if it persists as a high-risk neighbor.
- Subnet Review: Validate 213.225.8.0/24 for potential abuse density.
---
Conclusion: 213.225.8.28 is a low-risk IP with no direct malicious activity. Focus on monitoring its subnet and high-risk neighbor IPs for potential lateral movement or network compromise. No immediate action required, but maintain vigilance.
*Tools used: ipdebrief_profile, ipdebrief_history, ipdebrief_relationships, ipdebrief_neighbors.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | AS8447-MNT |
| ASN | AS8447 |
| Network Name | - |
| CIDR Block | 213.225.0.0/18 |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 213-225-8-28.nat.highway.a1.net |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 213-225-8-28.nat.highway.a1.net |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 32% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 26% | 3 | 4 |
| reputation | 23% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 26% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:11 UTC |
| Last Seen | 2026-06-23 07:27:38 UTC |
| Profile Built | 2026-06-23 07:30:03 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 26 |