IPDebrief

66.78.40.91

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 66.78.40.91

Date: 2026-06-10

---

**1. Core Profile**

- ASN: 21769 (Aokigahara SRL, US)

- Subnet: 66.78.40.0/24

- Geolocation: Wilmington, Delaware, US (no precise coordinates)

- Linked to `tor-exit-usa.bronk-ict.nl` (forward-resolved).

- SPF/DMARC records present but no email auth issues.

---

**2. Observation History**

- Consistent network prefix observations (AS21769, AS215659).

- Location data tied to Wilmington, DE, with a 2500km accuracy radius.

- Behavioral data: No direct honeypot hits, but flagged as a Tor exit node.

---

**3. Relationships**

- Same Network: 66.78.40.0/24 (Aokigahara SRL).

- DNS: `tor-exit-usa.bronk-ict.nl` (linked to the IP).

- Threat Context: No direct malicious relationships, but Tor exit nodes are often used for illicit traffic.

---

**4. Neighborhood Analysis**

- 66.78.40.42: Risk score 50 (higher than the IP).

- Subnet classification: "clean," but Tor exit nodes may introduce risk via third-party usage.

---

**5. Threat Narrative**

- Monitor traffic from this IP for unusual outbound connections (e.g., to known malicious domains).

- Investigate the Tor exit node's association with `tor-exit-usa.bronk-ict.nl` for potential misuse.

- Consider blocking or restricting traffic from the subnet due to the presence of higher-risk neighbors.

Conclusion: This IP is low-risk on its own but warrants scrutiny due to its Tor exit node role and subnet context. SOC teams should prioritize monitoring for indirect threats tied to Tor-based activities.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionDE
CityWilmington
Timezoneβ€”
Latitude47.61
Longitude-122.33

🏒 Ownership & Registration

OrganizationAokigahara SRL
ASNAS215659
Network NameNET-66-78-40-0-24
CIDR Block66.78.40.0/24
RIRARIN
CountryRomania
Abuse Contactβ€”

🌐 DNS Intelligence

PTRtor-exit-usa.bronk-ict.nl
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamestor-exit-usa.bronk-ict.nl

πŸ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierTier 3 β€” Basic operator with some routing infrastructure
Tor

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
34%
23
routing
61%
239
services
15%
22
ownership
37%
39
reputation
20%
12
geolocation
32%
23
Overall33%1258
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceMostly Consistent (80%) β€” 1 contradiction(s)
AttributionModerate (55%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid
⚠ Claimed geolocation contradicts RTT physics measurement

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-22 13:35:51 UTC
Last Seen2026-06-26 21:06:52 UTC
Profile Built2026-06-27 16:00:29 UTC
Data FreshnessLive
Signal Types27
Total Observations97
πŸ” 27 signal types Β· 97 observations collected
This report is generated from 27+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.