192.109.200.220
IP Intelligence Briefing: 192.109.200.220
*Generated via IPDebrief tools (June 6, 2026)*
---
**1. Core Profile**
- Risk Rating: Moderate (Risk Score: 50/100)
- Ownership: Managed by MNT-TRAFFIC (ASN 197170, ARIN registry).
- Geolocation: Netherlands (NL), Peter Beron Str, coordinates 52.13°N, 5.29°E.
- Network Role: Single-service host (SSH on port 22).
- Threat Indicators: No known malicious activity, no blacklists, or campaigns.
---
**2. Network Context**
- Subnet: 192.109.200.0/24
- Subnet Abuse Density: 29.41% (moderate risk).
- Neighbors:
- 16 sibling IPs in the subnet.
- High-risk neighbors: 192.109.200.78 (Risk: 80), 192.109.200.215 (Risk: 65).
- Low-risk majority: 9 IPs with 0โ25 risk scores.
- BGP Analysis:
- Prefix: 192.109.200.0/24.
- Route stability: Unstable (routeChanges30d: 0, isRouteStable: false).
---
**3. Observational History**
- Latest Observation: June 6, 2026.
- Geolocation Consistency: Plausible (RTT: 107โ110 ms, distance ~1,650 km).
- Behavioral Data:
- Open SSH service (SSH-2.0-OpenSSH_8.9p1).
- No TLS certificates or HTTP banners detected.
---
**4. Relationships & Threats**
- No Direct Threat Links: No indicators of spam, Tor, or known attackers.
- Subnet Correlation: Mixed risk subnet with 5 high-risk siblings.
- DNS: No PTR records or domain associations.
---
**5. Recommendations**
1. Monitor SSH Service: Inspect port 22 for unauthorized access attempts.
2. Subnet Risk Mitigation: Prioritize investigation of high-risk neighbors (e.g., 192.109.200.78).
3. Geolocation Validation: Verify Netherlands-based traffic patterns against known benign activity.
4. BGP Stability: Check route stability for 192.109.200.0/24 to detect potential network manipulation.
---
*End of Briefing*
*Data sourced from IPDebrief intelligence platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | MNT-TRAFFIC |
| ASN | AS197170 |
| Network Name | ipv4 |
| CIDR Block | 192.109.200.0/24 |
| RIR | ARIN |
| Country | NL |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-12 09:40:50 UTC |
| Last Seen | 2026-06-26 18:10:58 UTC |
| Profile Built | 2026-06-26 16:46:35 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |
Full dossier details are available via our API.