91.96.20.36
IP Intelligence Briefing: 91.96.20.36
Date: 2026-06-13
---
**1. Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider: EWE TEL Hostmaster (Germany)
- Geolocation: Oldenburg, Lower Saxony, Germany (53.11°N, 8.22°E)
- Network Role: Firewalled / No Services (no open ports or active services detected)
- Threat Indicators: No malware, phishing, or spam associations.
---
**2. Ownership & Infrastructure**
- ASN: 9145 (EWE TEL Hostmaster)
- CIDR Block: 91.96.0.0/17
- Registration: Ripe Database (residential/business use likely)
- ISP: EWE TEL, Germany
---
**3. Observational History**
- Geolocation Consistency: Stable (Oldenburg, Germany) since 2026-06-13.
- Ownership Stability: No recent changes (ownership duration: N/A).
- Threat Persistence: No observed malicious activity or campaign correlations.
---
**4. Relationships & Network**
- DNS Associations:
- `dyndsl-091-096-020-036.ewe-ip-backbone.de` (EWE TEL Hostmaster).
- Subnet: 91.96.20.36/24 (no neighboring IPs detected).
- Network Density: Subnet abuse density: 0% (no risky siblings).
---
**5. Security Actions**
- Recommended Actions: None (low risk profile).
- Firewall Rules: No specific rules required.
---
**6. Summary**
The IP 91.96.20.36 is registered to EWE TEL Hostmaster in Germany and appears to be a residential/business network with no malicious activity detected. Geolocation and ownership data are stable, and no threat indicators were found. The network is firewalled with no active services, making it unlikely to pose a direct risk. Monitor for changes in behavior, but no immediate action is required.
SOC Analyst Note: This IP is likely safe, but maintain standard monitoring practices for unexpected activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | EWE TEL Hostmaster |
| ASN | AS9145 |
| Network Name | EWETEL-DYNDSL-POOL11 |
| CIDR Block | 91.96.0.0/17 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | dyndsl-091-096-020-036.ewe-ip-backbone.de |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | dyndsl-091-096-020-036.ewe-ip-backbone.de |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 25% | 1 | 1 |
| services | 25% | 1 | 1 |
| ownership | 0% | 0 | 0 |
| reputation | 0% | 0 | 0 |
| geolocation | 0% | 0 | 0 |
| Overall | 12% | 3 | 3 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-06-06 01:24:52 UTC |
| Last Seen | 2026-06-13 10:24:36 UTC |
| Profile Built | 2026-06-13 10:42:30 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 20 |
Full dossier details are available via our API.