IPDebrief

187.85.107.191

IP Intelligence Dossier
🤖 Witness AI: This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP 187.85.107.191/32

Overview:

This intelligence briefing provides a detailed analysis of IP address 187.85.107.191/32, based on data gathered from various cybersecurity tools and databases. The following sections outline the profile, historical observations, relationships, and neighborhood data for this IP address, aiming to offer actionable insights for Security Operations Center (SOC) analysts.

Profile:

Observation History:

Relationships:

Neighborhood Data:

Actionable Insights:

1. Monitoring and Alerting: Implement enhanced monitoring for traffic originating from this IP address, particularly focusing on HTTP and SMTP protocols. Set up alerts for unusual traffic patterns or connections to known malicious domains.

2. Email Filtering: Strengthen email filtering mechanisms to block or flag emails originating from this IP address, especially those containing links to domains previously identified as phishing sites.

3. Threat Intelligence Sharing: Collaborate with threat intelligence communities to share observations and updates regarding this IP address and its associated domains. This can aid in identifying new threats and improving defense strategies.

4. User Education: Educate users within the organization about the risks associated with phishing attempts, particularly those originating from this IP range. Encourage skepticism towards unsolicited emails and verify the authenticity of links and attachments.

This briefing is intended to provide SOC analysts with a comprehensive understanding of the potential risks associated with IP 187.85.107.191/32, enabling informed decision-making and proactive defense measures.


🌍 Geolocation

Country: 🇧🇷 Brazil
Region: Rio Grande do Sul
City: Caçapava do Sul
Timezone: -
Latitude: -30.61
Longitude: -53.47

🏒 Ownership & Registration

Organization: UNIFIQUE TELECOMUNICACOES S/A
ASN: AS28343
Network Name: 517703
CIDR Block: 187.85.96.0/20
RIR: LACNIC
Country: BR
Abuse Contact: -

🌐 DNS Intelligence

PTR: 187-85-107-191.unifique.net
Forward Confirmed: No (PTR hostname does not resolve back to this IP; weak signal)
Forward Hostnames: 187-85-107-191.unifique.net

DNS Hygiene

Hygiene Score: 40% (Fair)
SPF: Present
DMARC: Not configured
FCrDNS: Not verified
DNSSEC: Valid
CAA: Not configured

☁️ Network Classification

Infrastructure: Residential
Service Purpose: Single-Service Host
Network Tier: End-User (Residential ISP endpoint)

🔌 Services & Open Ports

Port  Service   Protocol  Banner
8080  http-alt  tcp       -

Closed Ports: 22, 25, 80, 443, 3389, 8443 (1 open / 7 scanned)
Server: lighttpd/1.4.39
HTTP Title: -
⚠ Unusual for residential: open services on a home connection may indicate self-hosting, compromise, or misconfigured networking equipment.

TLS Certificate

🔒 No certificate
Issued by: -
N/A
SANs: None
Valid From: -
Valid Until: -

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension    Score  Sources  Observations
threat       25%    2        4
routing      13%    1        1
services     24%    2        3
ownership    15%    2        2
reputation   19%    1        3
geolocation  19%    2        2
Overall      19%    10       15

Coverage: 6/6 dimensions · Data sufficiency: sufficient
Data Coherence: Consistent (100%)
Attribution: Moderate (50%)
Ownership · FCrDNS · Geo Consensus · Geo Plausible · IRR Match · RPKI Valid

📅 Observation Timeline 🔄 Live

First Seen: 2026-05-08 23:18:19 UTC
Last Seen: 2026-06-25 11:28:27 UTC
Profile Built: 2026-06-25 11:37:16 UTC
Data Freshness: Live
Signal Types: 19
Total Observations: 22
19 signal types · 22 observations collected
This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

ℹ️ About This Report

All data shown is publicly available network metadata; IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.