162.0.237.116
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 162.0.237.116
*Generated via IPDebrief Analysis*
---
**1. Profile Summary**
- Risk Score: 25 (Low Risk)
- Provider: Namecheap, Inc. (ASN 22612)
- Geolocation: United States (US), but no city/region specified.
- Network Role: Firewalled / No Services (no open ports or TLS/HTTP services detected).
- Threat Indicators: No malicious activity detected (no blacklists, spam, or known attacker associations).
---
**2. Observation History**
- DNS: Linked to `minerologies-peronosporaceous.vpsrdns.web-hosting.com` (Namecheap hosting).
- Routing: BGP prefix `162.0.237.0/24` with stable route stability (score 0.26).
- Geolocation: Plausibility flagged as false (RTT anomaly detected).
- Subnet Abuse: Subnet `162.0.237.0/24` has 1 active IP (this one) with 0 abuse density.
---
**3. Relationships**
- DNS Associations:
- `minerologies-peronosporaceous.vpsrdns.web-hosting.com` (Namecheap-hosted domain).
- Network: Part of the `NAMEC-4` network (Namecheap, Inc.).
- No Known Campaigns or Malicious Links: No correlations to known threats or malicious certificates.
---
**4. Neighborhood Analysis**
- Subnet: `162.0.237.0/24`
- Neighbors:
- 162.0.237.178: Risk score 40 (Medium Risk).
- Abuse Density: 0% (clean subnet).
---
**5. Threat Indicators**
- No Malicious Activity:
- No DNSBL listings, spam, or known attacker associations.
- No TLS certificates or HTTP services detected.
- Neighbor Risk: The sole neighbor (162.0.237.178) has a medium risk score. Monitor for lateral movement or shared infrastructure risks.
---
**6. Recommendations**
- Monitor Subnet: Track 162.0.237.178 for potential abuse or anomalous behavior.
- Validate DNS: Confirm legitimacy of `minerologies-peronosporaceous.vpsrdns.web-hosting.com` via domain reputation checks.
- Firewall Rules: Consider allowing traffic to this IP if itβs a legitimate service, but prioritize monitoring due to the neighborβs risk profile.
Note: The IP appears benign, but its subnet contains a medium-risk neighbor. Continuous monitoring is advised.
---
*Generated by IPDebrief. All data sourced from real-time threat intelligence and network analysis.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Namecheap, Inc. |
| ASN | AS22612 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | minerologies-peronosporaceous.vpsrdns.web-hosting.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | minerologies-peronosporaceous.vpsrdns.web-hosting.com |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | Apache |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_7.4 |
π TLS Certificate
An expired certificate for
CN=chev.is was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.CN=chev.is
Issued by CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, S=Greater Manchester, C=GB
Self-signed: No
| SANs | chev.iswww.chev.is |
| Valid From | 2020-08-13T00:00:00+00:00 |
| Valid Until | 2021-08-13T23:59:59+00:00 (expired) |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 365 days |
| Serial Number | 0E0DD22125E3C763BD8B572E41910C92 |
| Thumbprint | 1214CEF5CD556B30A04B22CADEC571AC8ED0BBED |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 19% | 9 | 14 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Moderate (55%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
β Claimed geolocation contradicts RTT physics measurement
π Observation Timeline π Fresh
| First Seen | 2026-05-11 08:57:51 UTC |
| Last Seen | 2026-06-26 08:10:00 UTC |
| Profile Built | 2026-06-27 08:36:19 UTC |
| Data Freshness | Fresh |
| Signal Types | 21 |
| Total Observations | 21 |
π 21 signal types Β· 21 observations collected
This report is generated from 21+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.