IP Intelligence Briefing: 185.194.178.2
*Generated via IPDebrief tools (Profile, History, Relationships, Neighbors, Actions)*
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
  - ASN: 29066 (netutils-mnt)
  - Organization: IPXO (France)
  - Geolocation: Strasbourg, Grand Est, France (48.58°N, 7.74°E)
- Threat Indicators:
  - No known malicious activity, spam, or attacker campaigns.
  - No DNSBL listings or blacklisted domains.
- Network Role:
  - Firewalled / No Services (no open ports or TLS certs).
  - Classified as "Infrastructure" with no CDN/VPN/Proxy indicators.
---
**2. Historical Observations**
- Recent Activity (2026-06-11):
  - 1 DNSBL listing (abuse confidence score 0.13).
  - Geolocation confirmed via MaxMind.
  - No persistent threat activity detected.
- Long-Term Trends:
  - No ownership changes or threat persistence.
  - Low abuse density in subnet (0/45 neighbors flagged).
---
**3. Relationships & Subnet**
- Network Affiliation:
  - Part of 185.194.178.0/24 subnet (IPXO).
- 45 neighbors in subnet:
  - 7 IPs with medium risk (score 25–50).
  - 38 IPs low risk (score 0–25).
  - 0 IPs high risk.
- Subnet abuse density: 0%.
---
**4. Security Recommendations**
- Firewall Rules (Example):
  - `iptables`: `iptables -A INPUT -s 185.194.178.2 -j DROP`
  - Cloudflare / AWS WAF: Block IP with description "IPDebrief risk 50".
- Monitoring:
  - Watch neighboring IPs with medium risk (e.g., 185.194.178.13, 185.194.178.27).
  - Re-evaluate if threat indicators emerge in subnet.
---
**5. Summary**
This IP is owned by a French organization (IPXO) and appears benign, with no direct malicious activity. However, its subnet contains 7 medium-risk neighbors, warranting closer scrutiny. No immediate action is required, but continued monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | netutils-mnt |
| ASN | AS29066 |
| Network Name | IPXO |
| CIDR Block | 185.194.178.0/23 |
| RIR | RIPE |
| Country | GB |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-27 07:17:08 UTC |
| Last Seen | 2026-06-26 18:10:54 UTC |
| Profile Built | 2026-06-11 08:55:16 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 15 |