IPDebrief

62.210.185.4

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing: IP 62.210.185.4/32

Summary:

The IP address 62.210.185.4/32 was observed to have been associated with a range of activities that warrant attention from SOC teams and network defenders. This briefing details the findings related to the IP's profile, activity history, potential relationships, and neighborhood data.

Profile and Activity History:

Relationships:

Neighborhood Data:

Recommendations for SOC Teams:

1. Monitoring and Blocking: Implement monitoring for any traffic to or from this IP address. Consider blocking it if it poses an immediate threat to the organization's network.

2. Phishing Awareness: Increase phishing awareness training for employees, emphasizing the identification of phishing attempts linked to domains associated with this IP.

3. Incident Response Preparation: Prepare incident response teams to handle potential breaches related to Trojan.Zbot activity, including credential theft and financial fraud.

4. Collaboration: Share findings with industry peers and threat intelligence communities to enhance collective defense against this IP's activities.

This intelligence briefing provides a factual overview based on observed data and should be used as part of a comprehensive security strategy.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ซ๐Ÿ‡ท France
RegionÎle-de-France
CityParis
TimezoneEurope/Paris
Latitude48.86
Longitude2.35

๐Ÿข Ownership & Registration

OrganizationGreg Meersman
ASNAS12876
Network Nameโ€”
CIDR Blockโ€”
RIRRIPE
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTRnat-dc2-2.online.net
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnamesnat-dc2-2.online.net

๐Ÿ” DNS Hygiene

Hygiene Score60% (Good)
SPFPresent
DMARCPresent
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting โ€” Infrastructure provider without advanced routing
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
39%
26
routing
13%
11
services
12%
22
ownership
20%
23
reputation
24%
13
geolocation
35%
23
Overall24%1018
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-08 23:18:44 UTC
Last Seen2026-06-27 14:44:03 UTC
Profile Built2026-06-28 08:49:25 UTC
Data FreshnessLive
Signal Types24
Total Observations32
๐Ÿ” 24 signal types ยท 32 observations collected
This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.