185.247.137.87
IP Intelligence Briefing: 185.247.137.87
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Registered to *Driftnet Hostmaster* (ASN 211298).
- Geolocation: Confirmed as Bursa, Turkey (TR), but flagged with conflicting GB country code. ICMP validation failed due to blockage.
- Network Role: Single-service HTTP host (port 80). No CDN, VPN, or mobile carrier indicators.
- Threat Indicators: No direct malicious activity detected.
---
**2. Observation History**
- Recent Activity (2026-06-17):
- Detected as part of a network with 25 observations, including:
- Threat Signals: 50+ pulse counts linked to unspecified campaigns.
- DNS Resolution: Resolves to `r4-87-57.monitoring.internet-measurement.com`, which may indicate data collection infrastructure.
- Geolocation Inconsistencies: Conflicting country codes (GB/TR) and ICMP blockage.
- Stability: Subnet (`185.247.137.0/24`) shows mixed risk with 37.63% abuse density.
---
**3. Relationships**
- Linked Entities:
- DNS: `r4-87-57.monitoring.internet-measurement.com` (HTTP redirect detected).
- Networks: Multiple entries under "UK-DRIFTNET" (potential data measurement infrastructure).
- Ownership: No recent changes; stable registration.
---
**4. Neighborhood Analysis**
- Subnet (`185.247.137.0/24`):
- Total IPs: 186; Active IPs: 49; Threat IPs: 70.
- Risk Distribution: 33 medium-risk IPs, 67 low-risk IPs.
- Notable Neighbors:
- `185.247.137.2` (risk 50), `185.247.137.3` (risk 40), and others with moderate risk scores.
---
**5. Recommendations**
- Monitor Traffic: Track HTTP activity and DNS queries to `internet-measurement.com` for anomalies.
- Verify Geolocation: Investigate conflicting country codes (GB/TR) and ICMP blockage.
- Subnet Analysis: Focus on high-risk neighbors in the `185.247.137.0/24` subnet.
- Block if Suspicious: Consider blocking the IP if it persists in threat feeds or shows unusual behavior.
---
Source: IPDebrief Threat Intelligence Platform | Confidence: Moderate to High.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Driftnet Hostmaster |
| ASN | AS211298 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | r4-87-57.monitoring.internet-measurement.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | r4-87-57.monitoring.internet-measurement.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 39% | 2 | 5 |
| routing | 13% | 1 | 1 |
| services | 26% | 2 | 4 |
| ownership | 23% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 26% | 10 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:01 UTC |
| Last Seen | 2026-06-23 01:11:22 UTC |
| Profile Built | 2026-06-23 01:29:21 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 26 |
Full dossier details are available via our API.