IP Intelligence Briefing: 107.189.5.203
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Rating: Low Risk (Risk Score: 0 / 100)
- Ownership: Registered to BuyVM (ASN: 53667, ARIN registry).
- Geolocation: Luxembourg (City: Luxembourg, Latitude: 49.79, Longitude: 6.1).
- Network Role: Hosting infrastructure (colocation).
- Threat Indicators: No malicious activity detected. No DNS, TLS, or service anomalies.
---
**2. Observation History**
- Recent Activity:
  - 11 observations over 30 days, including DNS records, network prefix metadata, and infrastructure type.
  - No persistent threats or campaign correlations.
  - Low-confidence DNSSEC validation and no PTR records.
- Trend: Stable, no spikes in risk or abuse signals.
---
**3. Network Relationships**
- Subnet: Part of 107.189.0.0/21 (BuyVM-LUXEMBOURG-02).
- Neighbors:
  - 6 IPs in the 107.189.5.0/24 subnet.
  - Average risk score: 49.5 (medium risk for neighbors).
  - No direct abuse or threat links to this IP.
---
**4. Security Recommendations**
- Firewall Actions: No immediate blocking required.
- Monitoring: Track for unexpected service changes or subnet-level anomalies.
- Context: Neighboring IPs show mixed risk, but this IP remains low-risk.
---
Conclusion: 107.189.5.203 is a legitimate hosting server managed by BuyVM with no current threat indicators. While neighbors show moderate risk, the IP itself is stable. Continue monitoring for behavior changes.
*Data sourced from IPDebrief intelligence feeds.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | BuyVM |
| ASN | AS53667 |
| Network Name | BUYVM-LUXEMBOURG-02 |
| CIDR Block | 107.189.0.0/21 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3 |
TLS Certificate
| SANs | car.carcloudsix.site |
| Valid From | 2026-06-04T06:57:50+00:00 |
| Valid Until | 2026-09-02T06:57:49+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_128_GCM_SHA256 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 06541BAD6B4E80017B56BCB6BDDB46755108 |
| Thumbprint | 52BFAD45AFBB0A7114B260F7E7FF28D35B3B755C |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 21% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 27% | 2 | 2 |
| Overall | 20% | 9 | 11 |

| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-04 12:40:50 UTC |
| Last Seen | 2026-06-21 11:22:06 UTC |
| Profile Built | 2026-06-21 12:21:39 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |