158.173.23.41
## IP Intelligence Briefing: 158.173.23.41/32
Classification: Low Risk | Risk Score: 25 | Assessment: Monitor
Executive Summary
IP 158.173.23.41 is classified as low risk with a reputation score of 25. The address is associated with VPN Consumer London, United Kingdom (ASN 212238) and operates within a predominantly clean subnet (158.173.23.0/24) showing abuse density of 0. Current network role indicates firewalled status with no active services or open ports.
Technical Profile
- Geolocation: London, England, GB (53.86°N, 0.63°E)
- ASN: 212238 (VPN Consumer London, United Kingdom)
- Network Block: 158.173.23.0/24
- Control Plane: BGP prefix 158.173.23.0/24, route stability: false
- DNSBL Status: Listed on 1 of 8 total DNSBL lists
- Threat Indicators: None currently active
- Blacklist Count: 0
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
Network Services & DNS
- Open Ports: None detected
- HTTP/HTTPS: No services, no TLS certificates
- PTR Resolution: None
- Forward Resolution: Confirmed false
- Domain Associations: None identified
Historical Observations
Recent signal history (last 20 observations) indicates mixed geolocation signals with one notable threat signal on 2026-06-25 from Alienvault OTX (confidence 0.75) showing threat activity with geolocation inference in Denmark. Historical data shows ICMP validation blocked, preventing precise RTT validation. No persistent malicious activity detected over observation period.
Neighborhood Assessment (158.173.23.0/24)
- Abuse Density: 0 (mostly_clean)
- Active Siblings: 0
- Threat Siblings: 1
- Risk Distribution: High: 0, Medium: 0, Low: 0
- Classification: Clean subnet with minimal threat concentration
Relationships
IP relationship graph identifies only same-network associations (LONDON-GB-158-173-23-0). No organizational, hostname, or certificate relationships detected.
Recommended Actions
No specific firewall or blocking recommendations at this time. The IP presents low risk with no active threat indicators. SOC analysts may:
- Monitor for emergence of open ports or service activity
- Review the single DNSBL listing for context
- Treat as legitimate traffic unless behavioral indicators change
Status: No immediate action required. Continue monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | VPN Consumer London, United Kingdom |
| ASN | AS212238 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 9 | 13 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-09 17:41:11 UTC |
| Last Seen | 2026-06-25 18:12:29 UTC |
| Profile Built | 2026-06-25 18:19:20 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |
Full dossier details are available via our API.