IP Intelligence Briefing: 91.185.198.177
*Generated via IPDebrief Threat Intelligence Platform*
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
  - ASN: 41828 (TELEMACH-MNT)
  - Registry: RIPE
  - Country: Slovenia (SI)
  - ISP: Telemach-NET
- Geolocation:
  - City: Slovenia (SI)
  - Latitude: 46.08, Longitude: 15
  - Timezone: Unknown
- Network Role:
  - Web Server (HTTP/HTTPS, Apache 2.4.62)
  - No TLS certificate detected
  - No CDN/VPN/Proxy/Hosting indicators
---
**2. Threat & Abuse Indicators**
- Threat Score: 0 (No malicious activity detected)
- Abuse Density: 0 (Clean subnet)
- DNS Associations:
  - Linked to `mail5.xhosting.si` (SPF/DKIM records present)
- Routing:
  - Stable BGP path (AS 3303 → 3212 → 41828)
  - No route instability or MOAS flags
---
**3. Historical Observations**
- Signal Stability:
  - Consistent geolocation and DNS records since 2026-05-29
  - No spikes in threat indicators or network anomalies
- Key Trends:
  - Low-risk profile with no recent malicious activity
---
**4. Relationships & Network Context**
- Subnet: 91.185.198.0/24 (No active neighbors detected)
- Connected Entities:
  - Telemach-NET (same network)
  - `mail5.xhosting.si` (DNS hostname)
- Email Security:
  - SPF and DMARC records present for `mail5.xhosting.si`
---
**5. Recommendations**
- Monitoring:
  - Track DNS and HTTP services for unexpected changes (e.g., new certificates, server banners).
- Firewall:
  - Allow traffic on ports 80/443 for legitimate web server operations.
- Validation:
  - Verify `mail5.xhosting.si` legitimacy via DNSSEC and email security checks.
---
Conclusion:
This IP is associated with a low-risk, stable web server in Slovenia. No malicious activity or abuse indicators detected. Monitor for unexpected changes in services or DNS associations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | TELEMACH-MNT |
| ASN | AS41828 |
| Network Name | - |
| CIDR Block | 91.185.192.0/19 |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | mail5.xhosting.si |
| Forward Confirmed | Yes, FCrDNS verified |
| Forward Hostnames | mail5.xhosting.si |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |

| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | Apache/2.4.62 (Unix) OpenSSL/1.0.2k-fips |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 31% | 2 | 3 |
| ownership | 30% | 3 | 4 |
| reputation | 22% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 25% | 11 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-11 15:05:50 UTC |
| Last Seen | 2026-06-26 11:24:57 UTC |
| Profile Built | 2026-06-26 11:33:43 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 27 |