IPDebrief

87.236.176.177

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 87.236.176.177

Date: 2026-06-06

---

**1. Core Profile**

- ASN: 211298

- Organization: Driftnet Hostmaster (UK)

- Subnet: 87.236.176.0/24

- Country: United Kingdom (GB)

- City: London

- Latitude/Longitude: 55.38°N, -3.44°E

- Single-service host (HTTP on port 80)

- No CDN, VPN, or mobile carrier indicators

---

**2. Threat & Activity**

- Resolves to `r3-177-b1.monitoring.internet-measurement.com` (SPF/DMARC compliant).

- No malicious domains or email auth issues.

- Route stable (AS Path: 6939 211298).

- DNSSEC valid, no RPKI issues.

---

**3. Historical Observations**

- 28 observations over 30 days (last 30 days).

- DNS and routing signals dominate; no significant threat persistence.

- No spikes in abuse confidence or malicious activity.

---

**4. Network Relationships**

- Linked to `internet-measurement.com` (likely benign research infrastructure).

- Shared network (UK-DRIFTNET-20050831) with 175 IPs.

- 32 active siblings, 63 flagged as high-risk.

---

**5. Neighborhood Analysis**

- 4 high-risk IPs, 75 medium-risk IPs, 21 low-risk IPs.

- Most neighbors have moderate risk scores (40–60).

---

**6. Recommended Actions**

- `iptables -A INPUT -s 87.236.176.177 -j DROP`

- `nft add rule inet filter input ip saddr 87.236.176.177 drop`

- Track DNS resolution patterns to `internet-measurement.com`.

- Monitor subnet for emerging risks (63 high-risk siblings).

---

**Summary**

The IP is a low-to-moderate risk host operated by Driftnet Hostmaster in London, UK. While no direct malicious activity is detected, its subnet contains 63 high-risk IPs. The DNS association with `internet-measurement.com` suggests benign research infrastructure, but further investigation into the subnet’s activity is advised. Implement firewall rules to block the IP if it aligns with your security policies.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡¬πŸ‡§ United Kingdom
Regionβ€”
CityLondon
TimezoneEurope/London
Latitude51.50
Longitude-0.12

🏒 Ownership & Registration

OrganizationDriftnet Hostmaster
ASNAS211298
Network Nameβ€”
CIDR Block87.236.176.0/24
RIRRIPE
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRr3-177-b1.monitoring.internet-measurement.com
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesr3-177-b1.monitoring.internet-measurement.com

πŸ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeSingle-Service Host
Network TierUnknown β€” Insufficient routing data to classify
No specific classification

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpβ€”
Closed Ports22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
27%
23
services
24%
23
ownership
30%
34
reputation
22%
13
geolocation
27%
23
Overall26%1220
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-11 15:05:48 UTC
Last Seen2026-06-26 11:22:47 UTC
Profile Built2026-06-26 11:26:54 UTC
Data FreshnessLive
Signal Types27
Total Observations27
πŸ” 27 signal types Β· 27 observations collected
This report is generated from 27+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.