IP Intelligence Briefing: 185.238.231.168
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors*
---
**1. Risk Assessment**
- Risk Score: 25 (Low Risk)
- Threat Indicators: No malicious activity, no blacklisted domains, no known campaigns, and no DNS-based threats.
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services detected).
- Provider: Registered to netutils-mnt (ASN 206092) under IPXO (RIPE).
---
**2. Geolocation & Ownership**
- Country: Conflicting data (ES/Spain vs. US).
  - Recent observation (2026-06-06) lists Spain (ES).
  - Earlier observation (2026-05-29) lists Denver, Colorado, USA.
  - Potential data inconsistency; investigate further.
- ASN: 206092 (SECFIREWALLAS - F.N.S. HOLDINGS LIMITED, CY).
- Registration: No date provided; subnet 185.238.231.0/24 registered to IPXO.
---
**3. Observed Activity**
- Historical Signals:
  - 2026-06-06: Geolocation resolved to Spain (ES), ASN 206092.
  - 2026-05-29: Geolocation resolved to Denver, Colorado, USA.
  - No recent threats or service scans detected.
- Behavioral Flags: No honeypot hits, enumeration attempts, or WAF violations.
---
**4. Network Relationships**
- Subnet: 185.238.231.0/24 (part of larger IPXO network).
- Neighbors:
  - 100 IPs in subnet (185.238.231.0/24).
  - Abuse Density: 0% (clean subnet).
  - Risk Distribution:
    - 2 IPs with medium risk (score 50).
    - 52 IPs with low risk (score 25).
  - No malicious neighbors detected.
---
**5. Actionable Insights**
- SOC Recommendations:
  - Monitor geolocation inconsistencies (Spain vs. USA) for potential spoofing or misconfigured DNS.
  - Track subnet abuse density; no immediate threats detected.
  - No firewall rules or mitigation actions required for this IP.
---
Conclusion: 185.238.231.168 is a low-risk, firewalled IP with no malicious indicators. The geolocation discrepancy requires further investigation, but the subnet appears clean. No immediate action is needed, but continued monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | netutils-mnt |
| ASN | AS206092 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
**DNS Hygiene**
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
**Network Classification**
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 20% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline (Live)**
| First Seen | 2026-05-12 09:40:43 UTC |
| Last Seen | 2026-06-26 16:34:40 UTC |
| Profile Built | 2026-06-26 16:45:29 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |