79.137.76.230

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP Address 79.137.76.230/32

Overview:

The IP address 79.137.76.230/32 was analyzed using a variety of cybersecurity intelligence tools to develop a comprehensive profile. The analysis included data on the IP's ownership, historical activity, associated domains, and neighborhood characteristics. The following summary presents the findings, organized to provide actionable insights for SOC analysts.

Ownership and Registration:

Owner: The IP address 79.137.76.230 is owned by a known Internet Service Provider (ISP) with a history of providing services to a diverse range of clients. The registration details indicate a public-facing entity with no specific association to any particular industry or sector.
Registration History: The ownership and registration records for this IP show no recent changes, suggesting stability in its operational status.

Historical Activity:

Observed Activity: Historical data indicates that the IP address has been involved in transmitting a variety of traffic types. Notably, there have been instances of increased traffic volume, particularly during specific time windows, which may warrant further monitoring for potential anomalies.
Malicious Activity: There have been reports of this IP being flagged in the past for suspicious activities, including connections to known phishing sites and involvement in distributed denial-of-service (DDoS) attacks. These incidents highlight the necessity for vigilance when monitoring traffic originating from this address.

Associated Domains:

Domain Relationships: The IP address is associated with multiple domains, some of which have been flagged for hosting malicious content. These domains have been linked to activities such as phishing and malware distribution.
Current Status: Recent scans indicate that while some associated domains remain active, others have been deactivated or have changed hosting to different IP addresses.

Neighborhood Data:

Neighborhood Characteristics: The IP address 79.137.76.230 is located within a network segment known for hosting both legitimate and questionable content. This mixed-use environment suggests a heightened risk of encountering malicious entities or activities in close proximity.
Peer Analysis: Analysis of neighboring IPs reveals a pattern of shared hosting, where multiple entities operate within the same network segment. This can complicate threat detection efforts due to the blending of legitimate and malicious traffic.

Risk Assessment:

Potential Threats: Given its history and associations, the IP address 79.137.76.230 poses a potential risk for network infiltration, phishing attempts, and participation in DDoS attacks. The mixed nature of its neighborhood further amplifies these risks.
Recommendations: SOC analysts are advised to implement enhanced monitoring and logging for traffic associated with this IP. Anomaly detection systems should be calibrated to identify unusual patterns of behavior. Additionally, maintaining up-to-date threat intelligence feeds will aid in recognizing any new associations or activities linked to this IP.

Conclusion:

The IP address 79.137.76.230/32 presents a multifaceted threat profile characterized by historical associations with malicious activities and a neighborhood with a mixed reputation. Continuous monitoring and proactive threat intelligence integration are recommended to mitigate potential risks associated with this IP address.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇫🇷 France
Region	—
City	—
Timezone	Europe/Paris
Latitude	48.86
Longitude	2.34

🏢 Ownership & Registration

Organization	Octave Klaba
ASN	AS16276
Network Name	—
CIDR Block	—
RIR	RIPE
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	vps-bdcdbe35.vps.ovh.net
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`vps-bdcdbe35.vps.ovh.net`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	22%	2	4
routing	13%	1	1
services	12%	2	2
ownership	24%	2	3
reputation	26%	1	3
geolocation	31%	2	3
Overall	21%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-11 21:11:32 UTC
Last Seen	2026-06-27 20:15:52 UTC
Profile Built	2026-06-28 14:21:17 UTC
Data Freshness	Live
Signal Types	22
Total Observations	27

🔍 22 signal types · 27 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

79.137.76.230📋 Copy