IPDebrief

187.50.194.182

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP 187.50.194.182/32

Summary:

IP address 187.50.194.182/32 has been observed engaging in activities consistent with network reconnaissance and data exfiltration. This briefing encapsulates the collected data, including observation history, relationship context, and neighborhood information pertinent to this IP.

Observation History:

Relationships:

Neighborhood Data:

Actionable Recommendations:

1. Monitor Traffic Patterns: Implement enhanced monitoring for traffic originating from or directed to IP 187.50.194.182/32. Pay particular attention to any irregular data flows or attempts to establish C2 communications.

2. Block and Isolate: Consider blocking this IP at the network perimeter to prevent any unauthorized access or data exfiltration attempts. Isolate any systems that have communicated with this IP to prevent potential infection spread.

3. Conduct a Security Audit: Perform a thorough security audit of systems that have interacted with this IP. Ensure that all security patches are up to date and that intrusion detection systems are properly configured.

4. Review Network Logs: Analyze network logs for signs of compromised credentials or unauthorized access that may have facilitated interactions with this IP.

5. Alert Incident Response Team: Inform the incident response team of the findings to enable rapid response in case further malicious activity is detected.

This intelligence briefing provides an overview of the activities associated with IP 187.50.194.182/32, offering actionable insights for SOC analysts to mitigate potential threats.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ง๐Ÿ‡ท Brazil
RegionSP
CitySão Paulo
Timezoneโ€”
Latitude-23.63
Longitude-46.64

๐Ÿข Ownership & Registration

OrganizationTELEFÔNICA BRASIL S.A
ASNAS10429
Network Name129419
CIDR Block187.50.0.0/15
RIRLACNIC
CountryBR
Abuse Contactโ€”

๐ŸŒ DNS Intelligence

PTR187-50-194-182.customer.tdatabrasil.net.br
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames187-50-194-182.customer.tdatabrasil.net.br

๐Ÿ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureUnknown
Service PurposeSingle-Service Host
Network TierUnknown โ€” Insufficient routing data to classify
No specific classification

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
22sshtcp
Closed Ports25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_6.7

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
26%
24
routing
17%
11
services
24%
23
ownership
15%
22
reputation
21%
13
geolocation
21%
22
Overall21%1015
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-07 23:04:02 UTC
Last Seen2026-06-26 18:10:56 UTC
Profile Built2026-06-23 02:04:02 UTC
Data FreshnessLive
Signal Types19
Total Observations26
๐Ÿ” 19 signal types ยท 26 observations collected
This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.