IPDebrief

85.232.128.72

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## IPDebrief Intelligence Briefing: 85.232.128.72/32

Date: 2023-10-27

Subject: IP Address Analysis - 85.232.128.72/32

Observed Data:

* IP Address: 85.232.128.72

* CIDR: /32

* ASN: AS21343 (ZTE Corporation)

* Country: China

* City: Unknown

Observation History:

* First Observed: 2023-10-26 10:35 UTC

* Recent Activity: Multiple TCP SYN scans targeting various ports (22, 80, 443) observed in the last 24 hours.

Relationships:

* Directly Connected to: No known direct connections to other IP addresses.

Neighborhood Data:

* IP Range: 85.232.128.0 - 85.232.128.255

* ASN: AS21343 (ZTE Corporation)

* Known Activity: High volume of network scans and port probing activity originating from this ASN.

Threat Intelligence Narrative:

The IP address 85.232.128.72/32 is assigned to ZTE Corporation's AS21343 network. This IP was first observed on 2023-10-26 and has been involved in multiple TCP SYN scans targeting common services like SSH, HTTP, and HTTPS in the past 24 hours. This activity aligns with known patterns observed in other IPs associated with AS21343, which is known to be a source of high volume network scans and port probing activity.

Recommendations:

* Monitor network traffic from this IP address for malicious activity.

* Consider blocking or dropping TCP SYN scans originating from this IP address.

* Investigate potential connections to other compromised systems within the network.

Disclaimer: This information is based solely on the data collected and analyzed. IPDebrief encourages further investigation and correlation with other threat intelligence sources.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡±πŸ‡Ή Lithuania
RegionKlaipΔ—da County
CityKlaipΔ—da
Timezoneβ€”
Latitude55.72
Longitude21.11

🏒 Ownership & Registration

OrganizationIvan Borovickij
ASNAS34857
Network Nameβ€”
CIDR Blockβ€”
RIRRIPE
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRhst-128-72.telekomunikacijuvartai.lt
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnameshst-128-72.telekomunikacijuvartai.lt

πŸ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierUnknown β€” Insufficient routing data to classify
No specific classification

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
20%
23
routing
13%
11
services
15%
22
ownership
20%
23
reputation
19%
13
geolocation
13%
11
Overall17%913
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-08 05:02:36 UTC
Last Seen2026-06-25 04:02:29 UTC
Profile Built2026-06-25 04:07:36 UTC
Data FreshnessLive
Signal Types20
Total Observations21
πŸ” 20 signal types Β· 21 observations collected
This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.