IPDebrief

89.116.31.97

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP Address 89.116.31.97/32

Summary:

The IP address 89.116.31.97/32 was observed to have multiple attributes associated with its operational behavior. Data collected from various intelligence tools revealed the following information about its activity, relationships, and neighborhood.

Owner and Organization:

Geolocation:

Service and Behavior:

Observation History:

Relationships and Networks:

Neighborhood Analysis:

Threat Assessment:

Actionable Recommendations:

1. Monitoring and Logging: Continuously monitor traffic to and from this IP for any anomalies. Implement comprehensive logging to detect potential misuse.

2. Threat Intelligence Feeds: Subscribe to threat intelligence feeds that might provide updates on known malicious activities associated with OVH IPs.

3. Incident Response Plan: Ensure that an incident response plan is in place should any suspicious activity involving this IP be detected.

4. Regular Security Audits: Conduct regular security audits on systems hosted at this IP to identify and mitigate vulnerabilities.

This intelligence briefing provides a foundational understanding of the operational context and potential risk factors associated with IP address 89.116.31.97/32. SOC analysts should use this information to inform their defensive strategies and maintain robust network security.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ซ๐Ÿ‡ท France
RegionGrand Est
CityLauterbourg
TimezoneEurope/Paris
Latitude48.97
Longitude8.19

๐Ÿข Ownership & Registration

OrganizationLRTC-MNT
ASNAS51167
Network Nameโ€”
CIDR Block89.116.24.0/21
RIRRIPE
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRvmi3329237.contaboserver.net
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnamesvmi3329237.contaboserver.net

๐Ÿ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierTier 3 โ€” Basic operator with some routing infrastructure
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpโ€”
443httpstcpโ€”
22sshtcp
Closed Ports25, 3389, 8080, 8443 (3 open / 7 scanned)
ServerApache/2.4.52 (Ubuntu)
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15

๐Ÿ” TLS Certificate

A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.
โš ๏ธ
CN=vmi2765298.contaboserver.net
Issued by CN=vmi2765298.contaboserver.net
Self-signed: Yes
SANsvmi2765298.contaboserver.net
Valid From2025-08-21T12:15:48+00:00
Valid Until2035-08-19T12:15:48+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha256RSA
Validity Period3650 days
Serial Number5BDCAC84309432F05C9CB38AC808162CD906D229
Thumbprint58A9017AB8F7FFE5BA80896812057A0B34DDBF74

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
28%
24
routing
19%
34
services
20%
24
ownership
22%
34
reputation
27%
13
geolocation
13%
11
Overall21%1220
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (65%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-12 09:41:54 UTC
Last Seen2026-06-27 21:28:14 UTC
Profile Built2026-06-28 21:34:03 UTC
Data FreshnessLive
Signal Types28
Total Observations35
๐Ÿ” 28 signal types ยท 35 observations collected
This report is generated from 28+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.