223.27.17.37
IP Intelligence Briefing: 223.27.17.37
Date: 2026-06-07
---
**1. IP Profile**
- Risk Score: 25 (Low Risk)
- Provider: Hostopia Australia Web Pty Ltd (AS 55803)
- Geolocation: Australia (latitude -33.49, longitude 143.21)
- Network: Part of `223.27.0.0/19` subnet (HOSTOPIA-AU)
- Services: No open ports or TLS certificates detected.
- Threat Indicators: No malicious activity, spam, or known attacker associations.
---
**2. Observation History**
- Latest Data (2026-06-07):
- Stable geolocation and network ownership.
- Subnet abuse density: 0.5 (low).
- No recent threats or service changes.
- Historical Context:
- First observed in May 2026 with consistent geolocation.
- No persistent malicious behavior or ownership changes.
---
**3. Network Relationships**
- Linked Entities:
- Subnet: `223.27.0.0/19` (HOSTOPIA-AU)
- Hostname: `vmh20338.hosting24.com.au`
- Key Findings:
- No direct ties to known malicious organizations or campaigns.
- DNS records show no email authentication (SPF/DKIM) configured.
---
**4. Subnet Neighborhood**
- Subnet: `223.27.17.37/24`
- Abuse Density: 0.5 (low-risk subnet).
- Neighbors:
- 223.27.17.233: Risk score 50 (moderate risk).
- No other high-risk IPs in the subnet.
---
**5. Actionable Insights**
- Monitor Neighbor: The subnet contains one IP (223.27.17.233) with a moderate risk score. Investigate potential lateral movement or compromised hosts.
- Check Hosting Provider: Hostopia Australia Web Pty Ltd has no abuse reports, but ensure DNS configurations (e.g., SPF/DKIM) are secure.
- Subnet Health: Low abuse density suggests minimal risk, but continuous monitoring is recommended.
SOC Recommendation: No immediate mitigation required for this IP, but monitor its subnet and neighbor (223.27.17.233) for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Hostopia Australia Web Pty Ltd |
| ASN | AS55803 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | vmh20338.hosting24.com.au |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | vmh20338.hosting24.com.au |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| Closed Ports | 22, 25, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | ns1.ionline.com.auwww.ns1.ionline.com.au |
| Valid From | 2026-05-02T04:10:15+00:00 |
| Valid Until | 2026-07-31T04:10:14+00:00 |
| TLS Protocol | Tls12 |
| Cipher Suite | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 05CF23610DFC3F5B81B29A711D36ADAC8B64 |
| Thumbprint | 72CFE91F7FB3BCDC5C9D1DD2B6D2CE079260F2EF |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 13% | 1 | 1 |
| Overall | 16% | 8 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-15 14:46:09 UTC |
| Last Seen | 2026-06-19 11:33:56 UTC |
| Profile Built | 2026-06-17 14:58:13 UTC |
| Data Freshness | Fresh |
| Signal Types | 20 |
| Total Observations | 21 |
Full dossier details are available via our API.