217.248.204.56
IP Intelligence Briefing: 217.248.204.56
Date: 2026-06-06
---
**1. Risk Profile**
- Overall Risk Score: Low (0/100)
- Provider Score: 0/100 (Deutsche Telekom AG)
- Authority Score: 0/100
- Stability Score: 0/100
- Threat Indicators: No malicious activity detected (no malware, phishing, or known attacker associations).
---
**2. Ownership & Geolocation**
- ASN: 3320 (Deutsche Telekom AG, Germany)
- Location: Rendsburg, Schleswig-Holstein, Germany (51.17°N, 10.45°E)
- Mobile Carrier: Telekom (MCC 262, MNC 01, LTE/5G)
- Network Role: Mobile residential connection (no public services, firewalled).
---
**3. Observation History**
- Recent Activity (2026-06-06):
- Threat Feed Listings: 1 high-severity listing (confidence 85%), but no confirmed malicious activity.
- BGP Prefix: 217.224.0.0/11 (Deutsche Telekom).
- Geolocation Consistency: Confirmed via MaxMind (Rendsburg, Germany).
- Scanning: No open ports or services detected in recent scans.
---
**4. Relationships**
- Network Associations:
- Linked to DTAG-DIAL17 (Deutsche Telekomβs network).
- DNS hostname pd9f8cc38.dip0.t-ipconnect.de (Telekom subdomain).
- No Known Malicious Connections: No ties to C2 servers, botnets, or malicious campaigns.
---
**5. Neighborhood Analysis**
- Subnet: 217.248.204.56/24
- Abuse Density: 0% (clean subnet).
- Neighbors: No active or malicious sibling IPs reported.
---
**6. Recommendations**
- Monitor Threat Listings: Track the 1 high-severity threat feed listing for updates.
- Verify Geolocation: Confirm user activity in Rendsburg, Germany, as mobile residential IPs can be transient.
- No Immediate Action Required: Low-risk, legitimate mobile connection with no malicious indicators.
---
Conclusion: This IP is associated with a legitimate Deutsche Telekom mobile user. While it appears in one high-severity threat feed, no confirmed malicious activity is present. No action required unless further context emerges.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DTAG-NIC |
| ASN | AS3320 |
| Network Name | β |
| CIDR Block | β |
| RIR | RIPE |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | pd9f8cc38.dip0.t-ipconnect.de |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | pd9f8cc38.dip0.t-ipconnect.de |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 27% | 2 | 3 |
| Overall | 18% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-11 15:05:00 UTC |
| Last Seen | 2026-06-26 10:41:18 UTC |
| Profile Built | 2026-06-26 10:45:40 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 21 |
Full dossier details are available via our API.