IP Intelligence Briefing: 185.238.231.80/32
*Generated using IPDebrief threat intelligence tools*
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
  - ASN: 206092 (netutils-mnt)
  - Organization: IPXO
  - RIR: RIPE
  - Geolocation: Denver, Colorado, United States (39.74°N, -104.99°W)
- Threat Indicators:
  - No malicious campaigns, blacklists, or known attacker associations.
  - DNSBL listing (1/8 total lists) suggests potential spam or abuse risk.
- Network Role:
  - Firewalled / No Services (no open ports, TLS, or HTTP services detected).
  - BGP prefix: 185.238.231.0/24 (stable, no recent route changes).
---
**2. Observation History**
- DNSSEC Validity: Minimal confidence (0.15 score).
- Ownership Stability: No changes detected.
- Threat Persistence: No observed malicious activity over 30 days.
- Key Signals:
  - DNS resolution linked to "team-cymru-dns" (ES country code).
  - Low-risk DNSBL listing (1/8 total lists).
---
**3. Relationships**
- Network Connections:
  - Linked to subnet 185.238.231.0/24 (IPXO).
  - No direct ties to hostnames, domains, or certificates.
- Subnet Context:
  - 100 IPs in the /24 subnet (2 medium-risk, 97 low-risk).
  - Subnet abuse density: 0% (no reported malicious activity).
---
**4. Recommendations**
- Monitor DNSBL Status: Investigate the single DNSBL listing to confirm legitimacy.
- Subnet Scanning: Use active scanning tools to verify the 185.238.231.0/24 subnet for hidden services or compromised hosts.
- Geolocation Verification: Cross-check DNSSEC and geolocation data with internal threat feeds.
Conclusion: This IP is low-risk with no direct malicious indicators, but the DNSBL listing and subnet context warrant further monitoring. No immediate action required, but maintain vigilance for anomalies in the subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | netutils-mnt |
| ASN | AS206092 |
| Network Name | IPXO |
| CIDR Block | 185.238.230.0/23 |
| RIR | RIPE |
| Country | GB |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 15% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-19 23:49:21 UTC |
| Last Seen | 2026-06-09 00:00:00 UTC |
| Profile Built | 2026-06-05 04:34:43 UTC |
| Data Freshness | Live |
| Signal Types | 9 |
| Total Observations | 9 |