185.220.101.53
IP Intelligence Briefing: 185.220.101.53
Date: 2026-06-09
**Profile Summary**
- Risk Score: Moderate (40/100)
- Network Role: Tor Exit Node (classified as "Firewalled / No Services")
- Ownership: Registered to FORPRIVACYNET-MNT (RIPE) with ASN 60729.
- Geolocation: Brandenburg, Germany (latitude 51.17, longitude 10.45).
- Threat Indicators: No direct malicious activity detected; no known campaigns, spam, or abuse confidence scores.
**Observation History**
- Recent Activity: Observed as a Tor exit node since at least June 9, 2026.
- Signal Trends: Consistent low-risk signals across geolocation, DNS, and routing. No significant changes in risk scores over the past 30 days.
- Notable Flags: DNSSEC valid, CAA records present, and no DNSBL listings.
**Relationships**
- Linked Entities:
- Tor network ("TOR-EXIT")
- Hostname tor-exit-53.for-privacy.net
- Subnet Associations: Part of the 185.220.101.0/24 subnet, with 142 sibling IPs.
**Neighborhood Analysis**
- Subnet Abuse Density: 0.007% (low risk).
- Neighbor Risk Scores:
- 94 IPs rated low/medium risk (avg. 35).
- 6 IPs rated high risk (avg. 70).
- One sibling IP flagged as a threat.
- Subnet Classification: Clean, with no widespread malicious activity.
**Actionable Insights**
1. Tor Exit Node Risk: The IPβs association with Tor exit nodes may indicate potential anonymized traffic or evasion tactics. Monitor for unusual outbound connections.
2. Subnet Monitoring: While the subnet is largely clean, the presence of high-risk siblings warrants closer scrutiny.
3. Network Classification: The IPβs "Firewalled / No Services" classification suggests it may not be actively hosting services, but Tor exit nodes can still be exploited for covert operations.
Recommendation: Block or monitor traffic to/from this IP if the network prohibits Tor exit nodes. Verify if the subnetβs low abuse density is consistent with historical data.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | FORPRIVACYNET-MNT |
| ASN | AS60729 |
| Network Name | β |
| CIDR Block | β |
| RIR | RIPE |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | tor-exit-53.for-privacy.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | tor-exit-53.for-privacy.net |
π DNS Hygiene
| Hygiene Score | 100% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 18% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 16% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-22 13:35:38 UTC |
| Last Seen | 2026-06-26 21:06:48 UTC |
| Profile Built | 2026-06-27 10:39:44 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 47 |
Full dossier details are available via our API.