IPDebrief

137.74.118.45

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IPDEBRIEF INTELLIGENCE BRIEFING

Target: 137.74.118.45/32

Date: 2026-06-21

Analyst: IPDebrief Automated Intelligence System

Classification: Moderate Risk

---

## EXECUTIVE SUMMARY

IP address 137.74.118.45 presents a moderate risk profile (Risk Score: 40) associated with OVH SAS cloud infrastructure in Roubaix, France. The IP is registered under network FR-OVH-19881123 (137.74.0.0/16) and resolves to virtual server vps-4318d279.vps.ovh.net. Current threat indicators are absent, but historical data shows DNSBL listings and Pulse threat signals from mid-June 2026.

---

## NETWORK OWNERSHIP & GEOLOCATION

AttributeValue
**ASN**16276 (OVH SAS)
**Organization**Octave Klaba
**Network**FR-OVH-19881123
**CIDR Block**137.74.0.0/16
**Country**France (FR)
**City**Roubaix
**Infrastructure**CloudCompute (Hosting)
**DNS Resolution**vps-4318d279.vps.ovh.net

The IP operates on OVH cloud infrastructure with DNSSEC validation active. Route stability is flagged as false, indicating potential routing changes within the BGP prefix.

---

## THREAT ASSESSMENT

Current Threat Status: LOW

Control Plane Analysis:

---

## OBSERVATION HISTORY (Last 20 Observations)

2026-06-21 07:41:05 UTC

2026-06-16 07:46:17 UTC

2026-06-16 07:44:38 UTC

Temporal Analysis:

---

## NETWORK NEIGHBORHOOD ANALYSIS

MetricValue
**Subnet**137.74.118.45/24
**Abuse Density**1
**Classification**Mostly Clean
**Inherited Risk**2
**Total Siblings**1
**Active Siblings**0
**Threat Siblings**1

The /24 subnet shows minimal abuse density with one threat sibling detected. The IP itself carries inherited risk of 2 from neighborhood context.

---

## ENTITY RELATIONSHIPS

DNS Associations:

Network Associations:

No certificate associations detected.

---

## SERVICE FINGERPRINTING

Open Ports: None detected

TLS Certificate: Not available

HTTP Service: Not available

Server Banner: Not available

Infrastructure Type: CloudCompute

---

## RECOMMENDED SECURITY ACTIONS

Risk-Based Recommendations:

Firewall Rules:

```bash

# iptables

iptables -A INPUT -s 137.74.118.45 -j DROP

# nftables

nft add rule inet filter input ip saddr 137.74.118.45 drop

# nginx

deny 137.74.118.45;

# pfSense

137.74.118.45/32

# Cloudflare WAF

Expression: ip.src eq 137.74.118.45

Action: Block

# AWS WAF

Addresses: ["137.74.118.45/32"]

Description: IPDebrief risk 40

```

---

## ANALYST NOTES

1. Risk Context: The moderate risk score (40) reflects historical DNSBL listings and threat observations rather than active malicious behavior. Current threat indicators are absent.

2. Infrastructure Type: As an OVH cloud VPS, the IP represents shared hosting infrastructure. Abuse in this environment may stem from tenant compromise rather than direct IP owner malicious activity.

3. Historical Correlation: The 2026-06-16 threat observations show Pulse signals and DNSBL activity. Monitor for recurrence of these indicators.

4. Recommendation: Implement monitoring for DNSBL reappearances and correlate with neighbor IP 137.74.118.XX for coordinated activity patterns. No immediate blocking required unless additional threat intelligence emerges.

---

Data Sources: IPDebrief, AlienVault OTX, Multiple Threat Feeds

Confidence Level: High

The intelligence briefing for IP address 137.74.118.45/32 is complete. All requested sections have been documented including:

No additional intelligence is available to expand upon this briefing. The analysis is based on the complete data returned from IPDebrief tools. SOC analysts should monitor for:

1. Renewed DNSBL activity

2. Correlated traffic from neighborhood siblings

3. Recurrence of Pulse signals from mid-June 2026

Case closed.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ซ๐Ÿ‡ท France
Regionโ€”
CityRoubaix
TimezoneEurope/Paris
Latitude48.86
Longitude2.34

๐Ÿข Ownership & Registration

OrganizationOctave Klaba
ASNAS16276
Network NameFR-OVH-19881123
CIDR Block137.74.0.0/16
RIRARIN
CountryFR
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRvps-4318d279.vps.ovh.net
Forward ConfirmedYes โ€” FCrDNS verified
Forward Hostnamesvps-4318d279.vps.ovh.net

๐Ÿ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeSingle-Service Host
Network TierTier 3 โ€” Basic operator with some routing infrastructure
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
22sshtcp
Closed Ports25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_10.0p2 Debian-7~bpo12+1

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
30%
23
routing
13%
11
services
13%
11
ownership
27%
23
reputation
24%
13
geolocation
35%
23
Overall24%914
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-06-01 17:53:08 UTC
Last Seen2026-06-21 07:41:06 UTC
Profile Built2026-06-21 07:59:23 UTC
Data FreshnessLive
Signal Types20
Total Observations21
๐Ÿ” 20 signal types ยท 21 observations collected
This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.