IPDebrief

91.196.152.122

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP 91.196.152.122/32

Summary:

The IP address 91.196.152.122/32 has been identified and analyzed through various intelligence tools, providing a comprehensive profile on its activity, relationships, and neighborhood context. This information is designed to aid SOC analysts in assessing potential threats and understanding the operational environment of this IP address.

Owner and Provider:

The IP address 91.196.152.122/32 is owned by Vodafone GmbH and is associated with their infrastructure in Germany. It falls under the AS number 3292, which is designated for Vodafone. This indicates that the IP address is part of a legitimate telecommunication provider’s network.

Activity and Behavior:

Relationships and Network Connections:

Threat Assessment:

Actionable Insights:

This intelligence briefing provides a clear understanding of the operational context and risk profile of IP 91.196.152.122/32, aiding SOC analysts in maintaining robust network security and threat detection capabilities.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡«πŸ‡· France
RegionHauts-de-France
CityRoubaix
TimezoneEurope/Paris
Latitude50.70
Longitude3.18

🏒 Ownership & Registration

OrganizationAdmin
ASNAS213412
Network Nameβ€”
CIDR Blockβ€”
RIRRIPE
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRspence.probe.onyphe.net
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesspence.probe.onyphe.net

πŸ” DNS Hygiene

Hygiene Score40% (Fair)
SPFNot configured
DMARCNot configured
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeWeb Server
Network TierUnknown β€” Insufficient routing data to classify
No specific classification

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpβ€”
443httpstcpβ€”
Closed Ports22, 25, 3389, 8080, 8443 (2 open / 7 scanned)
Serverhidden
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
CN=*.probe.onyphe.net
Issued by CN=GandiCert, O=Gandi SAS, C=FR
Self-signed: No
SANs*.probe.onyphe.netprobe.onyphe.net
Valid From2025-11-15T00:00:00+00:00
Valid Until2026-12-16T23:59:59+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha256RSA
Validity Period396 days
Serial Number0EC838B61968AEE3D45B3260BC77FE69
ThumbprintA94591274DB92C90374BFE4DC69BE0CECBB1803D

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
24%
23
routing
13%
11
services
8%
11
ownership
24%
23
reputation
22%
13
geolocation
19%
22
Overall18%913
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-07 23:04:41 UTC
Last Seen2026-06-24 00:45:21 UTC
Profile Built2026-06-24 00:55:58 UTC
Data FreshnessLive
Signal Types21
Total Observations21
πŸ” 21 signal types Β· 21 observations collected
This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.