IP Intelligence Briefing: 37.114.50.124
Date: 2026-06-09
---
**1. Core Risk Profile**
- Risk Score: 70 (High Risk)
- Threat Indicators:
  - Tor exit node activity detected
  - DNSBL listing (1/8)
  - No open services or TLS certificates
- Ownership:
  - ASN: 58087 (DATALIX-MNT)
  - Geolocation: Boston, MA, US
  - No recent ownership changes
---
**2. Network Behavior**
- Network Role: Tor exit node (classified as "Firewalled / No Services")
- Subnet: 37.114.50.0/24
- Abuse Density: 0% (clean)
- Neighbors:
  - 1 medium-risk IP (37.114.50.27, score 59)
  - 2 low-risk IPs (scores 25)
- BGP:
  - Prefix: 37.114.50.0/24
  - ASN 58087 (DATALIX-MNT) registered to Florian Kolb, DE
---
**3. Threat Observations**
- Tor Exit Node:
  - Confirmed via historical signals (June 9, 2026)
  - No associated malicious campaigns or known attacker indicators
- DNS:
  - PTR record exists (124.50.114.37.in-addr.arpa)
  - No confirmed forward DNS resolution
- Services:
  - No open ports or HTTP server banners detected
---
**4. Temporal & Stability**
- Risk Persistence:
  - Single observation of Tor exit activity (no prior history)
  - Stability score: 0 (unstable)
- Route Stability:
  - BGP route changes: 0 in 30 days
  - Route stability: False (potential rerouting risks)
---
**5. Recommended Actions**
1. Monitor Traffic:
   - Investigate traffic originating from or destined to this IP, as it is a Tor exit node.
   - Check for signs of data exfiltration or command-and-control (C2) activity.
2. Network Segmentation:
   - Isolate or block traffic to this IP if it is not required for legitimate operations.
3. Neighbor Analysis:
   - Prioritize monitoring the medium-risk neighbor (37.114.50.27) for potential correlation.
4. DNS Validation:
   - Verify DNS resolution for this IP to confirm its operational status.
---
Conclusion:
37.114.50.124 is a high-risk Tor exit node with no direct malicious indicators but warrants close monitoring due to its association with Tor infrastructure. The subnet shows mixed risk, so contextualize this IP within broader network activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DATALIX-MNT |
| ASN | AS58087 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 124.50.114.37.in-addr.arpa |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 124.50.114.37.in-addr.arpa |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-22 13:35:40 UTC |
| Last Seen | 2026-06-26 21:06:48 UTC |
| Profile Built | 2026-06-27 17:48:52 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 48 |