91.219.237.39

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 91.219.237.39

Date: 2026-06-16

---

1. Core Risk Profile

Risk Score: 70 (High Risk)
Threat Indicators:

- Tor exit node activity detected

- Linked to "hungary.exit.maxzrbn.it" (DNS association)

Network Role: Web server (HTTP/HTTPS services)
Geolocation: Budapest, Hungary (HU)
ASN: 56322 (ServerAstra Kft.)

---

2. Threat Observations

Tor Exit Node: Confirmed as a Tor exit node, which may be used for anonymized traffic or malicious activities.
DNS Associations:

- PTR hostname: `hungary.exit.maxzrbn.it` (linked to the IP).

- Domain `maxzrbn.it` shows SPF/DKIM email authentication but no active hosted domains.

Network Activity:

- Open ports: 80 (HTTP), 443 (HTTPS).

- TLS certificate: Issued to `www.fqg5i2qqkef5avv32vns.com` (self-signed).

---

3. Historical Trends

Observation History:

- Consistent monitoring via Team Cymru DNS (2026-06-16).

- No significant changes in geolocation, DNS, or threat signals.

Stability:

- Subnet `91.219.237.0/24` shows stable ownership (ServerAstra Kft.) since 2010.

- No recent abuse reports for the subnet.

---

4. Relationships & Context

Network Links:

- Same network: `SERVERASTRA-HU-BP-DPLEX-1` (AS 56322).

- DNS associations with `hungary.exit.maxzrbn.it`.

Organizational Context:

- Owned by "NETWORK-OPERATIONS-TEAM" (Hungary).

- No known malicious campaigns or spam sources.

---

5. Neighborhood Analysis

Subnet: `91.219.237.0/24`
Abuse Density: 0% (clean subnet).
Neighbors: No active neighboring IPs reported.

---

6. Recommendations

Monitor Traffic: Track HTTP/HTTPS traffic to/from this IP for suspicious payloads or C2 activity.
Block Tor Exit Nodes: Consider blocking Tor exit nodes if this IP is not a legitimate service.
Verify DNS: Investigate `maxzrbn.it` for potential phishing or malicious domain activity.
Network Segmentation: Ensure this subnet is isolated from internal systems to mitigate potential lateral movement.

---

Source: IPDebrief Threat Intelligence Platform

Note: This IP is flagged for further investigation due to its Tor exit node association and web server role.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇭🇺 Hungary
Region	BU
City	Budapest
Timezone	Europe/Budapest
Latitude	47.16
Longitude	19.50

🏢 Ownership & Registration

Organization	NETWORK-OPERATIONS-TEAM
ASN	AS56322
Network Name	—
CIDR Block	91.219.237.0/24
RIR	RIPE
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	hungary.exit.maxzrbn.it
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`hungary.exit.maxzrbn.it`

🔐 DNS Hygiene

Hygiene Score	80% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Web Server
Network Tier	Tier 3 — Basic operator with some routing infrastructure

Tor

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
Closed Ports	22, 25, 3389, 8080, 8443 (2 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

CN=www.uzxdqlvmwhdjayiq462o.net

Issued by CN=www.7h6um7ir2eiy.com

Self-signed: No

SANs	None
Valid From	2026-03-19T00:00:00+00:00
Valid Until	2026-07-31T23:59:59+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	134 days
Serial Number	00CF20EFC94F5551CE
Thumbprint	F8D3EA3CB92AFD27F0F29B254A9232ED165B4FBD

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	30%	2	4
routing	61%	2	18
services	32%	2	3
ownership	39%	3	7
reputation	26%	1	3
geolocation	32%	2	3
Overall	37%	12	38

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-22 13:35:51 UTC
Last Seen	2026-06-26 21:06:52 UTC
Profile Built	2026-06-27 15:46:49 UTC
Data Freshness	Live
Signal Types	29
Total Observations	75

🔍 29 signal types · 75 observations collected

This report is generated from 29+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

91.219.237.39📋 Copy

**1. Core Risk Profile**

**2. Threat Observations**

**3. Historical Trends**

**4. Relationships & Context**

**5. Neighborhood Analysis**

**6. Recommendations**