IPDebrief

37.208.46.130

IP Intelligence Dossier
Witness AI

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 37.208.46.130

*Generated from IPDebrief analysis*

---

Key Risk Indicators

---

Critical Findings

1. Ownership & Infrastructure:

- Registered to Nurbek Suleimanov (Kazakhstan).

- Hosts a web server with mixed TLS/SSH services.

- No active spam, attacker, or Tor exit node associations.

2. Network Relationships:

- Part of the `TTC_pool_for_Corp_customers` network (shared with other IPs).

- Neighboring IPs include 37.208.46.2 (risk score 70), suggesting potential lateral movement risk.

3. Historical Signals:

- Observed June 18, 2026, with mixed confidence in DNSSEC, CAA, and routing data.

- No persistent malicious activity detected over 30-day window.

---

Recommended Actions

---

Classification: High Risk (due to owner-controlled infrastructure and subnet neighbor activity).

Next Steps: Correlate with internal threat feeds, monitor for unusual traffic patterns, and assess neighbor IP behavior.

*End of Briefing*


Geolocation

Country: KZ
Region: Astana
City: Astana
Timezone: —
Latitude: 51.19
Longitude: 71.45

Ownership & Registration

Organization: Nurbek Suleimanov
ASN: AS41798
Network Name: —
CIDR Block: —
RIR: RIPE
Country: —
Abuse Contact: Available via RDAP

DNS Intelligence

PTR Record: No PTR
Forward Confirmed: No — PTR hostname does not resolve back to this IP (weak signal)

DNS Hygiene

Hygiene Score: 40% (Fair)
SPF: Not configured
DMARC: Not configured
FCrDNS: Not verified
DNSSEC: Valid
CAA: Present

Network Classification

Infrastructure: Unknown
Service Purpose: Web Server
Network Tier: Unknown — Insufficient routing data to classify
No specific classification

Services & Open Ports

| Port | Service | Protocol | Banner |
|------|---------|----------|--------|
| 80   | http    | tcp      | —      |
| 443  | https   | tcp      | —      |
| 22   | ssh     | tcp      |        |

Closed Ports: 25, 3389, 8080, 8443 (3 open / 7 scanned)
Server: lighttpd/1.4.31
HTTP Title: —
SSH Version: SSH-2.0-dropbear_2017.75 \F?Rw?B?7W??sG+?curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-

TLS Certificate

An expired certificate for CN=Test Server Cert, OU=FOR TESTING PURPOSES ONLY, O=OpenSSL Group, C=UK was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.

CN=Test Server Cert, OU=FOR TESTING PURPOSES ONLY, O=OpenSSL Group, C=UK
Issued by: CN=OpenSSL Test Intermediate CA, OU=FOR TESTING PURPOSES ONLY, O=OpenSSL Group, C=UK
Self-signed: No
SANs: None
Valid From: 2011-12-08T14:01:48+00:00
Valid Until: 2021-10-16T14:01:48+00:00 (expired)
TLS Protocol: Tls12
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Signature Algorithm: sha1RSA
Validity Period: 3600 days
Serial Number: 00B9EED4D955A59EB3
Thumbprint: E84A8E20764EEF0EEDBE549F918CA4F6A2B3D104

Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

| Dimension   | Score | Sources | Observations |
|-------------|-------|---------|--------------|
| threat      | 32%   | 2       | 4            |
| routing     | 25%   | 1       | 1            |
| services    | 28%   | 2       | 4            |
| ownership   | 23%   | 2       | 3            |
| reputation  | 23%   | 1       | 3            |
| geolocation | 21%   | 2       | 2            |
| Overall     | 25%   | 10      | 17           |

Coverage: 6/6 dimensions · Data sufficiency: sufficient
Data Coherence: Mixed Signals (68%) — 2 contradiction(s)
Attribution: Low (35%)
Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
⚠ Geo sources disagree on country: UK, KZ
⚠ TLS certificate claims UK but primary geo says KZ

Observation Timeline (Live)

First Seen: 2026-05-07 23:04:17 UTC
Last Seen: 2026-06-24 01:22:58 UTC
Profile Built: 2026-06-23 11:30:38 UTC
Data Freshness: Live
Signal Types: 23
Total Observations: 31
23 signal types · 31 observations collected
This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.