85.218.221.0
IP Intelligence Briefing: 85.218.221.0/32
Date: 2026-05-30
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Owned by Stofa AS (AS39642) in Denmark (DK).
- Geolocation:
- City: DK-8310 Tranbjerg
- Coordinates: 56.26°N, 9.5°E
- ISP: Stofa AS (CDNET-CABLE)
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services).
- DNS:
- PTR Hostname: `85-218-221-0.norlyscustomer.net`
- SPF Record: Valid (no DMARC).
- Threat Indicators: No malicious activity, spam, or known attacker associations.
---
**2. Observation History**
- Last 30 Days:
- No persistent threats or ownership changes.
- Network classification remains "clean" with 0 abuse density.
- BGP stability: Route unstable (0 route changes), no MOAS or RPKI issues.
- DNS Resolution: Consistent (1 resolution attempt).
---
**3. Relationships**
- Linked Entities:
- DNS: `85-218-221-0.norlyscustomer.net` (multiple associations).
- Network: Subnet `85.218.221.0/24` (classified as clean).
- No connections to known malicious organizations, campaigns, or Tor networks.
---
**4. Neighborhood Analysis**
- Subnet: `85.218.221.0/24`
- Abuse Density: 0% (clean subnet).
- Neighbors: No active or risky sibling IPs in the subnet.
---
**5. Actionable Insights**
- No immediate mitigation required.
- Monitor: DNS hostname `norlyscustomer.net` for potential misconfigurations.
- Verify: Ensure no unexpected traffic patterns emerge in the subnet.
Conclusion: 85.218.221.0 is a low-risk, statically assigned IP owned by a Danish ISP with no malicious activity. No threats detected in historical data or network relationships.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Stofa AS |
| ASN | AS39642 |
| Network Name | CDNET-CABLE |
| CIDR Block | 85.218.220.0/22 |
| RIR | RIPE |
| Country | DK |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 85-218-221-0.norlyscustomer.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 85-218-221-0.norlyscustomer.net |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 25% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 35% | 2 | 3 |
| Overall | 22% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-14 07:15:25 UTC |
| Last Seen | 2026-06-07 04:31:45 UTC |
| Profile Built | 2026-06-07 04:45:22 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 20 |
Full dossier details are available via our API.