IP Intelligence Briefing: 87.158.239.79
Date: 2026-06-08
---
**1. Risk Profile**
- Overall Risk: Low Risk (riskScore: 0)
- Provider Score: 0 / Authority Score: 0 / Stability Score: 0
- Threat Indicators: No malicious activity detected (no blacklists, spam, or campaigns).
- Network Classification: Firewalled / No Services (no open ports, TLS certs, or HTTP services).
---
**2. Ownership & Geolocation**
- Registrar: DTAG-NIC (Deutsche Telekom AG, Germany)
- Location: Frankfurt am Main, Hesse, Germany (latitude: 50.16, longitude: 8.68)
- ASN: Unassigned (no BGP prefix or ASN details).
---
**3. Threat & Behavioral Analysis**
- Threat Signals:
  - No DNS/DNSSEC/CAA misconfigurations.
  - No honeypot hits, enumeration attempts, or WAF violations.
- Observation History:
  - Low-confidence signals (e.g., DNS timeouts, incomplete routing data).
  - No persistent malicious activity or campaign associations.
---
**4. Relationships & Network Context**
- Linked Entities:
  - Same network: `DTAG-DIAL26` (Deutsche Telekom subnet).
  - No hostname/DNS associations (timed-out queries).
- Subnet Neighbors:
  - No active or risky neighboring IPs in the `87.158.239.0/24` subnet.
---
**5. Recommendations**
- Monitor: Track changes in network role or DNS behavior, as the IP shows no active services.
- Verify: Confirm ownership legitimacy with DTAG-NIC, as ASN/BGP data is incomplete.
- Firewall: No immediate action required; the IP poses no active threat.
---
Conclusion: This IP is associated with a legitimate telecom provider but lacks clear infrastructure context. No actionable threats detected. SOC teams should prioritize monitoring for unexpected service activation or network changes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DTAG-NIC |
| ASN | AS3320 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | p579eef4f.dip0.t-ipconnect.de |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | p579eef4f.dip0.t-ipconnect.de |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 19% | 1 | 2 |
| services | 19% | 1 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 1 |
| geolocation | 27% | 2 | 2 |
| Overall | 22% | 8 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 15:14:03 UTC |
| Last Seen | 2026-06-08 08:58:17 UTC |
| Profile Built | 2026-06-08 09:41:49 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |
Full dossier details are available via our API.