IP Intelligence Briefing: 80.174.72.166
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
  - ASN: 3257
  - Organization: netutils-mnt (EUROPEAN-LEASE1-NET)
  - Registry: RIPE
- Geolocation: United States (WA, Newport), Latitude: 48.18, Longitude: -117.04
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services detected)
- Threat Indicators: No malicious activity, no known campaigns, no blacklist entries.
---
**2. Observation History (30-Day Window)**
- DNSSEC Valid: Yes (operator score: 0.13, labeled "Minimal").
- Routing: BGP prefix 80.174.64.0/19 (GTT Communications, Spain).
- Threat Activity: No observed threats, zero threat persistence.
- Geolocation Plausibility: Discrepancy noted (IP registered to EU network but geolocated to US).
---
**3. Relationships & Subnet**
- Network Relationships:
  - Linked to "EUROPEAN-LEASE1-NET" (same network).
- Subnet Neighbors (80.174.72.0/24):
  - 6 total IPs; 2 medium-risk (25-50), 4 low-risk (<25).
  - No high-risk neighbors detected.
- Abuse Density: 0% (low risk in subnet).
---
**4. Security Recommendations**
- Firewall Rules (Sample):
  - `iptables`: `iptables -A INPUT -s 80.174.72.166 -j DROP`
  - Cloudflare / AWS WAF: Block IP with description "IPDebrief risk 50".
- Monitoring: Track geolocation discrepancies and monitor for unexpected service activation.
---
**5. Actionable Takeaway**
This IP exhibits moderate risk with no direct malicious indicators but shows potential anomalies (geolocation mismatch, subnet abuse density). Monitor for unexpected network activity or service exposure. No immediate blocking required, but include in watchlist for behavioral changes.
Next Steps: Cross-reference with internal threat feeds, validate geolocation discrepancies, and ensure subnet-level monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | netutils-mnt |
| ASN | AS3257 |
| Network Name | EUROPEAN-LEASE1-NET |
| CIDR Block | 80.174.64.0/19 |
| RIR | RIPE |
| Country | EU |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-23 18:31:14 UTC |
| Last Seen | 2026-06-10 11:32:56 UTC |
| Profile Built | 2026-06-10 11:59:33 UTC |
| Data Freshness | Live |
| Signal Types | 14 |
| Total Observations | 15 |