108.62.61.35
## IP INTELLIGENCE BRIEFING: 108.62.61.35/32
Date: 2026-06-24
Classification: Moderate Risk Infrastructure
Analyst: SOC Intelligence Unit
EXECUTIVE SUMMARY
IP address 108.62.61.35 is assigned to LeaseWeb USA, Inc. Seattle (ASN: 396190) with a risk score of 50 (Moderate Risk). No active services or open ports detected; the IP is classified as "Firewalled / No Services." Located in Washington state with geolocation consensus from multiple sources.
OWNERSHIP AND INFRASTRUCTURE
| Attribute | Value |
|---|---|
| Organization | LeaseWeb USA, Inc. Seattle |
| ASN | 396190 |
| Country | US (WA) |
| CIDR Block | 108.62.56.0/21 |
| RIR | ARIN |
| Registration | N/A |
THREAT PROFILE
- Risk Score: 50/100 (Moderate)
- Blacklist Status: Clean (0 blacklist entries)
- Abuse Confidence: Not flagged as known attacker or spam source
- Tor/Proxy Status: Not a Tor exit node; not identified as proxy
- DNSBL Listings: 2 of 8 commercial lists
- Operator Score: 0.1304 (Minimal)
NETWORK CHARACTERISTICS
- Services: None detected (firewalled)
- Open Ports: None
- DNS Resolution: No PTR records; forward resolution failed
- TLS/SSL: No certificates associated
- Cloud/Hosting: Not classified as cloud, CDN, VPN, or hosting infrastructure
SUBNET NEIGHBORHOOD ANALYSIS
The /24 subnet (108.62.61.0/24) exhibits elevated abuse characteristics:
- Abuse Density: 0.5312 (High Abuse Classification)
- Risk Distribution: 100 medium-risk neighbors, 0 high-risk
- Active Siblings: 105 of 256 total IPs active
- Threat Siblings: 136 IPs flagged as threats in subnet
- Inherited Risk: 21 (derived from subnet-level signals)
OBSERVATION HISTORY
Fifteen historical observations recorded with the following patterns:
- Most Recent: 2026-06-24 β Minimal risk classification
- Historical Classification: Subnet consistently marked as "high_abuse" with 0.5312 abuse density
- Signal Types: Geolocation, routing, services, ownership, reputation, and DNS signals observed
- Temporal Stability: No ownership changes; threat persistence days: 0
INTERCONNECTED ENTITIES
70 relationship links identified, primarily "Same Network" associations with network 108-62-56-0. No organizational or certificate-based relationships detected beyond network-level connectivity.
RECOMMENDED SECURITY ACTIONS
Based on risk profile and neighborhood analysis:
Firewall Rules:
```bash
# iptables
iptables -A INPUT -s 108.62.61.35 -j DROP
# nftables
nft add rule inet filter input ip saddr 108.62.61.35 drop
# pfSense
block 108.62.61.35/32
```
WAF/Cloud Recommendations:
- Cloudflare: Block with description "IPDebrief risk score 50"
- AWS WAF: Create rule with address 108.62.61.35/32
INTELLIGENCE ASSESSMENT
This IP represents LeaseWeb infrastructure with no active service footprint. While the subnet demonstrates elevated abuse density (0.5312), the specific IP shows no active threat indicators, clean blacklist status, and no known malicious campaigns. The moderate risk score (50) reflects neighborhood-level concerns rather than IP-specific malice.
Recommended Action: Implement firewall rules to block traffic from this IP. Consider subnet-level blocking (108.62.61.0/24) if threat activity is observed from neighboring IPs. Monitor for service activation or service pattern changes.
---
*Source: IPDebrief Intelligence Platform | Classification: Defensive Security*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | LeaseWeb USA, Inc. Seattle |
| ASN | AS396190 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 22% | 1 | 2 |
| geolocation | 24% | 2 | 3 |
| Overall | 21% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:57 UTC |
| Last Seen | 2026-06-26 18:11:57 UTC |
| Profile Built | 2026-06-24 21:50:30 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 20 |
Full dossier details are available via our API.