170.168.29.181

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP 170.168.29.181/32

Observation Summary:

The IP address 170.168.29.181/32 was observed during a period from [Start Date] to [End Date]. The following details summarize its activity, relationships, and neighborhood data based on available intelligence tools:

1. Geolocation and ASN Information:

- The IP address 170.168.29.181/32 is geolocated to [Country], specifically within the [Region/City] area.

- It is associated with the Autonomous System Number (ASN) [ASN Number], belonging to [ISP/Organization Name]. This ASN is primarily used for [type of service or industry].

2. Domain Associations:

- The IP address has been linked to several domain names, including [Domain1], [Domain2], and [Domain3]. These domains are primarily used for [type of services, e.g., e-commerce, social media].

- Historical data shows that these domains have been involved in [type of traffic, e.g., high-volume data transfer, email services].

3. Traffic Patterns and Anomalies:

- Analysis of traffic patterns indicates a consistent flow of [type of traffic, e.g., HTTP, HTTPS] with occasional spikes in [type of traffic, e.g., FTP, SMTP].

- There have been [number] instances of anomalous traffic patterns, characterized by [specific anomalies, e.g., unexpected data volume, irregular access times].

4. Malicious Activity and Threat Indicators:

- The IP address has been flagged by [threat intelligence platforms] as [type of threat, e.g., phishing, malware distribution] in [number] of instances.

- It has been observed engaging in activities such as [specific malicious activities, e.g., command and control (C2) communications, data exfiltration].

5. Relationships and Network Neighbors:

- Network analysis reveals connections with [number] other IP addresses within the same ASN, suggesting a [type of network structure, e.g., botnet, service provider network].

- Several of these neighboring IPs have also been associated with similar threat indicators, indicating potential collaboration or shared infrastructure.

6. Historical Changes:

- Over the observation period, the IP address has undergone [number] changes in its associated domain names and traffic patterns, suggesting possible attempts at evasion or rebranding.

Actionable Recommendations:

Monitoring: Increase monitoring of traffic to and from 170.168.29.181/32, focusing on the identified anomalous patterns and potential C2 communications.
Blocking/Threat Mitigation: Consider implementing blocking rules or alerts for traffic originating from or destined to this IP address, especially if it matches known malicious indicators.
Further Investigation: Conduct deeper analysis on associated domains and neighboring IPs to uncover potential broader network threats or infrastructure links.
Collaboration: Share findings with relevant threat intelligence communities to enhance collective awareness and defense strategies against threats associated with this IP.

This briefing provides a comprehensive overview based on the data available, aiding in informed decision-making for network defense strategies.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇫🇷 France
Region	Brittany
City	Princé
Timezone	Europe/Paris
Latitude	48.22
Longitude	-1.08

🏢 Ownership & Registration

Organization	Fine Group Servers Solutions LLC
ASN	AS59651
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	26%	2	4
routing	13%	1	1
services	15%	2	2
ownership	27%	2	3
reputation	26%	1	3
geolocation	21%	2	2
Overall	21%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:53 UTC
Last Seen	2026-06-22 20:36:26 UTC
Profile Built	2026-06-22 20:37:06 UTC
Data Freshness	Live
Signal Types	19
Total Observations	21

🔍 19 signal types · 21 observations collected

This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

170.168.29.181📋 Copy