IP Intelligence Briefing: 185.17.124.46/32
*Generated via IPDebrief Threat Intelligence Platform*
---
**Key Risk Indicators**
- Risk Score: 80 (High Risk)
- Subnet Abuse Density: 29.17% (Moderate risk within /24 network)
- Inherited Risk: 11 (High-risk neighbors detected in subnet)
- Geolocation: Ukraine (Kyiv region), latitude 50.45, longitude 30.53
---
**Ownership & Network Context**
- Registrar: RIPE NCC (ASN 3255)
- Organization: "admin" (likely internal/proprietary)
- Subnet: 185.17.124.0/24
- Network Role: Unknown (no services, no CDN/cloud indicators)
- Routing: DNSSEC valid, BGP route stable
---
**Threat Observations**
- No Direct Threat Indicators: No malware, phishing, or spam signals detected.
- Neighbor Risk: 14/48 IPs in subnet are high/medium risk (e.g., 185.17.124.26, 185.17.124.32).
- Historical Trends: Stable ownership (no recent changes) and no persistent malicious activity.
---
**Actionable Recommendations**
1. Monitor Subnet Traffic: High-risk neighbors suggest potential lateral movement or shared infrastructure risks.
2. Investigate Network Configuration: Verify if the IP is part of a compromised network segment.
3. Block High-Risk Neighbors: Consider isolating or blocking IPs like 185.17.124.26/32 to mitigate inherited risk.
4. Validate Geolocation: Confirm legitimacy of Ukrainian IP registration (potential spoofing?).
---
**Summary**
The IP 185.17.124.46 is part of a moderately risky subnet with mixed infrastructure. While no direct threats are detected, its proximity to high-risk IPs and unclear network role warrant closer monitoring. SOC teams should prioritize subnet-level analysis and validate the IP's operational legitimacy.
*Data sourced from IPDebrief's real-time threat intelligence and historical observations.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | admin |
| ASN | AS3255 |
| Network Name | UA-EKSINTECH-20130130 |
| CIDR Block | 185.17.124.0/22 |
| RIR | RIPE |
| Country | UA |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
**DNS Hygiene**
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
**Network Classification**
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline (Live)**
| First Seen | 2026-05-23 06:21:39 UTC |
| Last Seen | 2026-06-10 05:27:29 UTC |
| Profile Built | 2026-06-10 05:36:51 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 17 |