IP Intelligence Briefing: 37.143.61.84
*Generated via IPDebrief tools: Profile, History, Relationships, & Neighbors*
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: ASN 42831 (netutils-mnt, RIPE)
- Geolocation: United States (City of London, England)
- Network Role: Multi-service host (SSH, RDP ports open)
- Threat Indicators: No malicious indicators, no DNSBL listings, no known attacker campaigns.
---
**2. Observation History**
- Recent Activity:
  - DNSSEC validation (score: 0.13, "Minimal" risk).
  - Subnet abuse density: 23% (mixed risk, 3 threat siblings in /24).
  - No persistent malicious behavior detected.
- Key Signals:
  - 16 observations over 30 days (last updated 2026-06-18).
  - Minimal operator risk (0.13 score).
---
**3. Network Relationships**
- Linked Entities:
  - Subnet: 37.143.61.84/24 (abuse density: 23%).
  - 13 neighbors; 7 active, 3 flagged as high-risk (scores: 55–65).
- Notable Neighbors:
  - 37.143.61.16 (65/100 risk), 37.143.61.22 (55/100 risk), 37.143.61.132 (65/100 risk).
- Subnet Classification: "Mixed" (some IPs show inherited risk).
---
**4. Threat & Mitigation Context**
- No Direct Threats: IP itself is clean, but subnet has 3 high-risk neighbors.
- Services: Open SSH (22/TCP) and RDP (3389/TCP) ports; monitor for unauthorized access.
- Recommendations:
  - Investigate high-risk neighbors (e.g., 37.143.61.16, 37.143.61.132).
  - Block traffic to/from suspicious subnets (e.g., IPXO networks linked in relationships).
  - Ensure DNSSEC validation is enforced for this subnet.
---
Conclusion: The IP is not malicious but resides in a subnet with mixed risk. Focus on monitoring neighbors and securing open services. No immediate action required, but continuous observation is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | netutils-mnt |
| ASN | AS42831 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Multi-Service Host |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| 3389 | rdp | tcp | - |
| Closed Ports | 25, 80, 443, 8080, 8443 (2 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:17 UTC |
| Last Seen | 2026-06-23 11:10:06 UTC |
| Profile Built | 2026-06-23 11:22:53 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 19 |