IP Intelligence Briefing: 162.158.210.232
Date: 2026-06-14
---
**1. Core Profile**
- Risk Rating: Moderate (Risk Score: 40 / 100)
- Provider: Cloudflare, Inc. (ASN: 13335)
- Network Role: CDN (Cloudflare infrastructure)
- Geolocation:
  - Country: US
  - City: Sofia (likely placeholder; geolocation data may be incomplete).
  - Latitude/Longitude: Unavailable.
- Threat Indicators:
  - No direct malicious activity detected.
  - Not listed in DNSBLs or threat feeds.
---
**2. Network Behavior**
- Subnet: 162.158.210.232/24
- Abuse Density:
  - Subnet abuse density: 97.3% (high risk).
  - 36/37 active neighbors are flagged as high/medium risk.
  - Threat siblings: 36 IPs in the subnet show elevated risk.
- Services:
  - No open ports or TLS services detected.
  - CDN infrastructure (no direct services exposed).
---
**3. Temporal Observations**
- Recent Activity (Last 30 Days):
  - Stable ownership (Cloudflare, Inc.).
  - No persistent malicious activity observed.
  - Geo-validation consistent (1,650 km from probe, 123 ms avg RTT).
---
**4. Relationships & Context**
- Network Relationships:
  - Directly linked to CLOUDFLARENET (AS13335).
  - No external hostnames or certificates associated.
- Subnet Context:
  - High abuse density in the 162.158.210.0/24 subnet.
  - Most neighbors (85%) have authority scores > 85, indicating potential for misuse.
---
**5. Recommendations**
- Monitor Subnet:
  - The 162.158.210.0/24 subnet has high abuse density. Investigate neighboring IPs for suspicious behavior.
- Traffic Filtering:
  - Consider blocking the subnet or implementing strict access controls if the IP is part of a perimeter-facing network.
- Threat Hunting:
  - Correlate with Cloudflare logs to identify potential misuse of CDN infrastructure.
---
Note: This IP is part of Cloudflare's CDN, which is generally trusted, but the surrounding subnet's high abuse density warrants closer scrutiny. No direct malicious activity detected, but contextual risks are significant.
Source: IPDebrief Threat Intelligence Platform.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Cloudflare, Inc. |
| ASN | AS13335 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 06:37:17 UTC |
| Last Seen | 2026-06-27 22:38:27 UTC |
| Profile Built | 2026-06-28 16:44:12 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |