IP Intelligence Briefing: 85.203.15.219
*Generated using IPDebrief tools: Profile, History, Relationships, and Neighborhood Analysis*
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership:
  - ASN: 62240
  - Organization: Jeroen van veen
- Geolocation: Berlin, Germany (51.62°N, 8.04°E)
- Threat Indicators:
  - No direct malicious activity detected (no blacklists, campaigns, or known attacker status).
  - Subnet abuse density: High (51% of 85.203.15.0/24 subnet flagged as abusive).
- Network Role:
  - No open services, ports, or TLS certificates detected.
  - BGP prefix: 85.203.15.0/24 (classified as high_abuse).
---
**2. Observation History**
- Recent Activity (June 7, 2026):
  - Listed in 8 threat feeds with high severity (e.g., DNS, network anomalies).
  - Subnet abuse density increased to 51%.
- Historical Trends:
  - No persistent malicious activity; no long-term threat persistence.
  - Geolocation data consistently points to Berlin, Germany.
---
**3. Relationships**
- Network Connections:
  - Linked to FRANKFURT-DE-85-203-15-0 (likely a regional ISP or private network).
  - No direct ties to known malicious organizations, domains, or certificates.
- Subnet Context:
  - 47 IPs in the 85.203.15.0/24 subnet.
  - 24 threat siblings (high-risk IPs) and 22 medium-risk IPs.
---
**4. Neighborhood Analysis**
- Subnet Abuse Density:
  - 51% of IPs in the subnet are flagged as abusive.
  - 24 IPs in the subnet are directly associated with threats.
- Key Neighbors:
  - IPs like 85.203.15.19, 85.203.15.72, and 85.203.15.203 share similar risk profiles (40/50 authority score).
  - 22 IPs have low risk (0-25 score), suggesting mixed activity.
---
**5. Recommendations**
- Monitor Subnet: High abuse density in the 85.203.15.0/24 subnet warrants closer scrutiny of traffic patterns.
- Investigate Neighbors: IPs like 85.203.15.72 and 85.203.15.203 may be linked to the observed threats.
- Geolocation Verification: Confirm the IP's Berlin location with additional geolocation tools or DNS validation.
- Network Segmentation: Consider isolating this subnet if it's part of a larger network with mixed risk profiles.
---
*End of Briefing*
*Generated by IPDebrief - Cybersecurity Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Jeroen van veen |
| ASN | AS62240 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-15 02:51:51 UTC |
| Last Seen | 2026-06-07 11:30:04 UTC |
| Profile Built | 2026-06-07 11:32:09 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |