162.158.86.28
# IP Intelligence Briefing: 162.158.86.28/32
## Executive Summary
IP address 162.158.86.28 is a low-risk (score: 25/100) Cloudflare CDN endpoint operating as legitimate infrastructure. No malicious indicators detected. No defensive action required.
## Ownership and Classification
- Provider: Cloudflare, Inc. (ASN 13335)
- Infrastructure Type: Content Delivery Network (CDN)
- Network Role: Firewalled / No Services
- Geolocation: US (Frankfurt am Main region, per geolocation consensus)
- Registration: ARIN RIR, Cloudflare network block
## Risk Assessment
- Overall Risk Score: 25 (Low Risk)
- Abuse Confidence: Not applicable (legitimate CDN)
- Blacklist Status: 0 blacklist entries
- Threat Indicators: None detected
- Known Campaigns: None
## Behavioral Analysis (21 Observations)
Observation history confirms consistent Cloudflare CDN classification across all signals:
- is_cdn: Confirmed (21/21 observations)
- is_tor: false
- is_vpn: false
- is_proxy: false
- is_mobile: false
- is_anycast: false
Temporal analysis shows zero ownership changes and zero threat observation persistence. The IP exhibits stable, expected behavior for CDN infrastructure.
## Neighborhood Context (/24 Subnet: 162.158.86.0/24)
- Abuse Density: 0 (minimal)
- Classification: mostly_clean
- Active Siblings: 3 total, all with low-risk scores (25/100)
- Threat Siblings: 0
The /24 subnet demonstrates benign traffic patterns consistent with legitimate CDN operations.
## Network Relationships
18 relationship entries confirmed, all mapping to Cloudflare network (CLOUDFLARENET). No anomalous associations detected with malicious entities, subnets, or hostnames.
## Recommended Actions
No action required. The IP address represents legitimate Cloudflare CDN infrastructure:
- Block: Not recommended
- Allow: Standard CDN traffic permitted
- Monitor: No special monitoring required beyond standard CDN traffic patterns
## SOC Analyst Notes
This IP is part of Cloudflare's global CDN edge network. Traffic from this address should be treated as legitimate CDN traffic. Do not flag for investigation unless associated with unusual request patterns or business anomalies. The low risk score (25) and zero threat indicators confirm benign operational status.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cloudflare, Inc. |
| ASN | AS13335 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-18 03:21:54 UTC |
| Last Seen | 2026-06-28 06:01:33 UTC |
| Profile Built | 2026-06-29 00:06:06 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 24 |
Full dossier details are available via our API.