IPDebrief

79.25.187.138

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

INTELLIGENCE BRIEFING: 79.25.187.138

Classification: Moderate Risk (Score: 40/100)

Assessment Date: 2026-06-26

Network Attribution & Ownership:

The IP address 79.25.187.138 is associated with ASN 3269 (BBBEASYIP STAFF / Telecom Italia S.p.A.), a Tier-1 Italian telecommunications provider. The IP falls within the 79.24.0.0/15 BGP prefix and operates under the RIR RIPE. Control plane analysis indicates stable routing with no recent route changes over the past 30 days.

Geolocation:

Geolocation data places the IP in Padua, Veneto, Italy (IT). Multiple geo sources corroborated this position with 500km accuracy radius. Reverse DNS resolution confirmed the hostname "host-79-25-187-138.retail.telecomitalia.it" with forward DNS confirmation active.

Technical Profile:

Network classification identified the IP as mobile infrastructure operated by TIM (Telecom Italia S.p.A.) via LTE/5G technology (MCC: 222, MNC: 01). No open ports or active services were detected. The IP presents as "Firewalled / No Services" with no TLS certificates or HTTP content observed.

Threat Indicators:

DNSBL listing showed the IP on 2 of 8 total blacklist feeds. Reputation sources included AlienVault OTX with threat persistence flags. No active threat indicators, known campaigns, or attacker signatures were present in the profile.

Historical Analysis:

Observation history revealed 26 signal observations. Recent activity included ASN and geolocation signals from multiple threat intelligence sources. One blacklist listing event was recorded with medium severity classification. DMARC and SPF records remained active for the associated telecomitalia.it domain.

Network Neighborhood:

Analysis of the 79.25.187.0/24 subnet revealed zero neighboring IPs. Abuse density scored 0.0, with no high, medium, or low-risk siblings detected. The subnet classification remained "clean" with inherited risk of 0.

Recommended Actions:

No immediate firewall or blocking actions recommended. The IP exhibits characteristics consistent with legitimate mobile broadband infrastructure. SOC teams should monitor for behavioral anomalies but no immediate containment required.

Risk Summary:

The IP represents a moderate-risk profile typical of residential mobile broadband connections. No active malicious indicators present. Standard monitoring practices apply.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฎ๐Ÿ‡น Italy
Region34
CityArlesega
TimezoneEurope/Rome
Latitude45.41
Longitude11.88

๐Ÿข Ownership & Registration

OrganizationBBBEASYIP STAFF
ASNAS3269
Network Nameโ€”
CIDR Block79.24.0.0/15
RIRRIPE
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRhost-79-25-187-138.retail.telecomitalia.it
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnameshost-79-25-187-138.retail.telecomitalia.it

๐Ÿ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureMobile
Service PurposeFirewalled / No Services
Network TierUnknown โ€” Insufficient routing data to classify
Mobile

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
38%
24
routing
35%
23
services
15%
22
ownership
27%
34
reputation
22%
13
geolocation
19%
22
Overall26%1218
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-11 15:05:42 UTC
Last Seen2026-06-26 11:16:04 UTC
Profile Built2026-06-26 11:23:29 UTC
Data FreshnessLive
Signal Types24
Total Observations25
๐Ÿ” 24 signal types ยท 25 observations collected
This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.