37.65.160.49
IP Intelligence Briefing: 37.65.160.49
Date: 2026-06-07
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
- ASN: 15557
- Organization: SFR Legal Contact (Société Française du Radiotelephone)
- Network: SFR-INFRA (Mobile Carrier)
- Location: Paris, France (Latitude: 48.86, Longitude: 2.35)
- Network Role: Mobile infrastructure (LTE/5G), no public services or hosting.
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or TLS anomalies).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- 17 observations, with the latest on 2026-06-07.
- Geolocation: Consistent with Paris, France (confidence: 52%).
- Network Classification: Clean (abuse density: 0).
- DNSSEC: Validated.
- DNSBL: Listed in 1 of 8 DNSBLs (potential spam risk, but low overall threat).
---
**3. Relationships**
- DNS Associations:
- PTR hostname: `49.160.65.37.rev.sfr.net` (SFR domain).
- No email authentication records (SPF/DMARC).
- Network Connections:
- Linked to SFR-INFRA (same ASN/organization).
- No correlation to known malicious subnets or campaigns.
---
**4. Neighborhood Analysis**
- Subnet: 37.65.160.0/24 (SFR-INFRA).
- Neighbor Risk:
- 37.65.160.211: Risk score 50 (Medium Risk).
- Subnet abuse density: 0 (clean).
- Notable: The single high-risk neighbor may warrant closer inspection, but the primary IP remains low risk.
---
**5. Recommendations**
- Monitor Subnet: Track 37.65.160.211 for potential lateral movement or compromised devices.
- Verify DNSBL: Investigate why this IP is listed in DNSBLs, though it aligns with SFR's spam policies.
- Geolocation Discrepancy: Investigate the inconsistent geolocation data (Paris vs. 46.23°N, 2.21°E).
---
Conclusion: 37.65.160.49 is a legitimate SFR mobile infrastructure IP with no direct malicious indicators. Focus on the neighboring IP (37.65.160.211) and verify DNSBL listings for potential spam activity. No immediate defensive action required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | SFR Legal Contact |
| ASN | AS15557 |
| Network Name | SFR-INFRA |
| CIDR Block | 37.65.160.0/21 |
| RIR | RIPE |
| Country | FR |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 49.160.65.37.rev.sfr.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 49.160.65.37.rev.sfr.net |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 15% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-15 14:46:16 UTC |
| Last Seen | 2026-06-07 14:32:31 UTC |
| Profile Built | 2026-06-07 14:42:17 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 22 |
Full dossier details are available via our API.