IPDebrief

37.187.5.192

IP Intelligence Dossier
Witness AI: This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 37.187.5.192

Date: 2026-06-15

---

**1. Risk Profile**

- Identified as a Tor exit node (high-risk association).

- Listed in 2 threat feeds (blacklist count: 1).

---

**2. Ownership & Infrastructure**

- Open ports: HTTP (80), HTTPS (443).

- Server banner: nginx.

- TLS certificate: Self-signed, issuer `www.xjnd7zjtyeeg6g6qz7.com`.

---

**3. Threat Observations (Last 30 Days)**

- 2 threat feed listings (high/medium severity).

- DNS validation confirmed (DNSSEC valid, 5 probes).

- Route stability: Stable (no recent changes).

- Operator score: 0.4783 (Basic risk label).

---

**4. Relationships & Neighbors**

- DNS hostname: `ns3126614.ip-37-187-5.eu` (OVH network).

- Subnet: `37.187.5.192/24` (abuse density: 0, no malicious neighbors).

- No active siblings in subnet (neighbor count: 0).

---

**5. Recommendations**

1. Monitor Traffic:

- Block or monitor traffic originating from this Tor exit node, as it may be used for covert activities.

2. Inspect Services:

- Investigate the open HTTP/HTTPS services (nginx) for potential misuse.

3. Threat Feed Checks:

- Verify the IP against updated threat intelligence sources (2 listings identified).

---

Conclusion:

This IP is a Tor exit node with moderate risk, linked to OVH infrastructure. While geolocation and DNS validation are plausible, its Tor association and threat feed listings warrant closer monitoring. No immediate action is required unless traffic patterns align with malicious behavior.


Geolocation

- Country: France
- Region: -
- City: -
- Timezone: Europe/Paris
- Latitude: 48.86
- Longitude: 2.34

Ownership & Registration

- Organization: Octave Klaba
- ASN: AS16276
- Network Name: -
- CIDR Block: 37.187.0.0/16
- RIR: RIPE
- Country: -
- Abuse Contact: Available via RDAP

DNS Intelligence

- PTR: ns3126614.ip-37-187-5.eu
- Forward Confirmed: Yes (FCrDNS verified)
- Forward Hostnames: ns3126614.ip-37-187-5.eu

DNS Hygiene

- Hygiene Score: 60% (Good)
- SPF: Not configured
- DMARC: Present
- FCrDNS: Verified
- DNSSEC: Valid
- CAA: Not configured

Network Classification

- Infrastructure: Unknown
- Service Purpose: Web Server
- Network Tier: Unknown (insufficient routing data to classify)
- No specific classification

Services & Open Ports

| Port | Service | Protocol | Banner |
|------|---------|----------|--------|
| 80   | http    | tcp      | -      |
| 443  | https   | tcp      | -      |

- Closed Ports: 22, 25, 3389, 8080, 8443 (2 open / 7 scanned)
- Server: nginx
- HTTP Title: -

TLS Certificate

- CN=www.duak57w2awq.net
- Issued by CN=www.il4gwjnvbj23i.com
- Self-signed: No
- SANs: None
- Valid From: 2026-03-13T00:00:00+00:00
- Valid Until: 2026-09-30T23:59:59+00:00
- TLS Protocol: Tls13
- Cipher Suite: TLS_AES_256_GCM_SHA384
- Signature Algorithm: sha256RSA
- Validity Period: 201 days
- Serial Number: 6206E76DF2360D0E
- Thumbprint: 523F0F3AD635DC9809C002722E4E8297F99F3950

Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

| Dimension   | Score | Sources | Observations |
|-------------|-------|---------|--------------|
| threat      | 36%   | 2       | 5            |
| routing     | 20%   | 2       | 3            |
| services    | 30%   | 2       | 3            |
| ownership   | 19%   | 3       | 4            |
| reputation  | 28%   | 1       | 3            |
| geolocation | 33%   | 2       | 3            |
| Overall     | 28%   | 12      | 21           |

- Coverage: 6/6 dimensions · Data sufficiency: sufficient
- Data Coherence: Consistent (100%)
- Attribution: Moderate (70%)
- Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

Observation Timeline (Live)

- First Seen: 2026-05-22 13:35:37 UTC
- Last Seen: 2026-06-28 19:09:39 UTC
- Profile Built: 2026-06-29 07:14:44 UTC
- Data Freshness: Live
- Signal Types: 26
- Total Observations: 51

26 signal types · 51 observations collected
This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

About This Report

All data shown is publicly available network metadata; IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.