95.88.167.133
Threat Intelligence Briefing for IP 95.88.167.133
Date: 2026-06-07
---
**1. IP Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
- ASN: 3209
- ISP: Kabel Deutschland RIPE (Vodafone GmbH)
- Network: KABEL-DEUTSCHLAND-CUSTOMER-SERVICES-18
- Geolocation:
- Country: Germany (DE)
- Region: Saarland
- City: St. Ingbert
- Coordinates: 49.28°N, 7.12°E
- Network Role:
- Mobile Carrier: Vodafone (LTE/5G)
- Type: Mobile Carrier (not residential or cloud)
---
**2. Threat Indicators**
- No Malicious Activity Detected:
- No indicators of spam, attacks, or known malicious campaigns.
- Threat Feeds: 0 matches.
- DNSBL Listings: 1 out of 8 lists (low priority).
- Services:
- No open ports or TLS certificates detected.
- No HTTP server banners or domain associations.
---
**3. Observation History (Last 30 Days)**
- Minimal Risk Signals:
- Low confidence in DNSSEC, CAA, and geolocation inference.
- Stable network prefix (95.88.0.0/14) attributed to Vodafone.
- DNS Resolution:
- Resolves to `ip5f58a785.dynamic.kabel-deutschland.de` (dynamic IP).
- No email authentication (SPF/DKIM) detected.
---
**4. Relationships & Network Context**
- Linked Entities:
- Same Network: Repeatedly associated with `KABEL-DEUTSCHLAND-CUSTOMER-SERVICES-18` (same ASN/ISP).
- DNS: Directly tied to a dynamic hostname under Kabel Deutschland.
- Subnet Analysis:
- /24 Subnet: No neighboring IPs found (likely a standalone host).
- Abuse Density: 0% (clean subnet).
---
**5. Recommendations**
- Monitor Dynamically Assigned IPs:
- The IP resolves to a dynamic hostname, which may indicate residential or mobile broadband usage.
- Verify DNS Associations:
- Check if `ip5f58a785.dynamic.kabel-deutschland.de` is linked to known benign or suspicious domains.
- No Immediate Action Required:
- Low risk score and no malicious indicators suggest this IP is not part of an active threat.
---
Conclusion: 95.88.167.133 is a legitimate mobile carrier IP (Vodafone) associated with a German ISP. No evidence of malicious activity detected. SOC teams should monitor for unexpected changes in DNS or network behavior but do not require immediate mitigation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Kabel Deutschland RIPE |
| ASN | AS3209 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ip5f58a785.dynamic.kabel-deutschland.de |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | ip5f58a785.dynamic.kabel-deutschland.de |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 19% | 1 | 2 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 27% | 2 | 2 |
| Overall | 20% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-16 08:58:00 UTC |
| Last Seen | 2026-06-07 22:20:40 UTC |
| Profile Built | 2026-06-07 22:27:46 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.