93.200.244.238
IP Intelligence Briefing: 93.200.244.238
*Generated from IPDebrief analysis*
---
**Key Findings**
1. Risk Profile:
- Overall Risk: Low Risk (riskScore: 0).
- Threat Indicators: No active malicious activity, spam, or attacker associations detected.
- Network Role: Firewalled / No Services (no open ports, TLS, or HTTP services identified).
2. Geolocation:
- Primary Location: United States (New York, NY).
- Conflicting Data: Historical observations show a single entry attributing the IP to Germany (Hachenburg, Rheinland-Pfalz). This may indicate routing anomalies, misconfigured DNS, or false positives.
3. Network Relationships:
- ISP: Deutsche Telekom AG (DE) via ASN 3320.
- DNS: Linked to `t-ipconnect.de`, a German ISP. No DNS-based threats detected.
- No Known Relationships: No connections to malicious domains, subnets, or organizations.
4. Observation History:
- 13 Signals Recorded:
- 12 geolocation observations (mostly US, 1 German).
- 1 threat feed listing (high severity, but no actionable indicators).
- Stability: No persistent malicious behavior; threat persistence days = 0.
5. Subnet Analysis:
- /24 Subnet: 93.200.244.0/24.
- Abuse Density: 0% (clean subnet).
- Neighbors: No risky sibling IPs identified.
---
**Actionable Intelligence**
- Monitor Geolocation Discrepancies: Investigate the German location observation for routing errors or misconfigured DNS.
- Verify ISP Legitimacy: Deutsche Telekom AG is a legitimate ISP, but confirm the IPβs allocation and usage compliance.
- Watch Threat Feed Listings: Despite no active threats, the high-severity listing in historical data warrants periodic rechecking.
- Firewall Recommendations: No immediate blocking required. Use IPDebriefβs firewall rule generator for future high-risk scenarios.
---
**Conclusion**
The IP appears to be a legitimate, low-risk asset associated with a German ISP. While geolocation inconsistencies exist, no malicious activity is currently detected. SOC teams should prioritize monitoring for unexpected changes in geolocation or threat indicators.
*Generated by IPDebrief threat intelligence platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DTAG-NIC |
| ASN | AS3320 |
| Network Name | DTAG-DIAL25 |
| CIDR Block | 93.192.0.0/11 |
| RIR | RIPE |
| Country | DE |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | p5dc8f4ee.dip0.t-ipconnect.de |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | p5dc8f4ee.dip0.t-ipconnect.de |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 0% | 0 | 0 |
| reputation | 25% | 1 | 1 |
| geolocation | 0% | 0 | 0 |
| Overall | 8% | 2 | 2 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-06 01:24:52 UTC |
| Last Seen | 2026-06-13 10:26:47 UTC |
| Profile Built | 2026-06-13 10:42:30 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 21 |
Full dossier details are available via our API.