91.224.92.159
IP Intelligence Briefing: 91.224.92.159
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership:
- ASN: 209605
- Organization: BSTLT-MNT (SERVEROFFER_LT)
- Registration: RIR: RIPE, Abuse Contact Available
- Geolocation:
- Country: United Kingdom (GB)
- Coordinates: 51.5°N, 0.12°W (approx. London)
- DNSSEC Valid, but no CAA record
- Threat Indicators:
- No direct malware, phishing, or exploit indicators
- 3 listings in threat feeds (confidence: 0.85)
---
**2. Network Behavior**
- Subnet: 91.224.92.0/24
- Neighbor Risk: 6 medium-risk IPs, 2 low-risk IPs (abuse density: 0)
- Subnet Owner: SERVEROFFER_LT (same as target IP)
- Services:
- No open ports or TLS certificates detected
- Firewalled infrastructure with no active services
- BGP:
- Prefix: 91.224.92.0/24
- Route stability: Unstable (route changes in last 30 days)
---
**3. DNS & Hostname Associations**
- PTR Record:
- `srv-91-224-92-159.serveroffer.net`
- 12 DNS associations (likely a single server or misconfigured PTR)
- Email Security:
- SPF record present, but no DMARC or CAA records
- Domain: `serveroffer.net` (hosted domains: 0)
---
**4. Temporal Observations**
- Recent Activity (2026-06-11):
- High-risk signal (3 listings in threat feeds)
- Minimal operator score (0.13)
- No persistent malicious activity detected
- Historical Data (2026-06-04):
- Geolocation confirmed (UK)
- No ownership changes or threat persistence
---
**5. Recommendations**
- Monitor Subnet: Track medium-risk neighbors (e.g., 91.224.92.99, 91.224.92.182) for anomalies.
- DNS Hardening: Add CAA records to `serveroffer.net` to mitigate email spoofing risks.
- Network Segmentation: Ensure firewalled infrastructure (91.224.92.159) is isolated from internal networks.
- Threat Feed Analysis: Investigate the 3 threat feed listings for potential false positives or emerging campaigns.
Note: While no direct malicious activity is observed, the high-risk score and mixed subnet risks warrant closer monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | BSTLT-MNT |
| ASN | AS209605 |
| Network Name | SERVEROFFER_LT |
| CIDR Block | 91.224.92.0/24 |
| RIR | RIPE |
| Country | LT |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | srv-91-224-92-159.serveroffer.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | srv-91-224-92-159.serveroffer.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-27 01:08:22 UTC |
| Last Seen | 2026-06-11 08:17:32 UTC |
| Profile Built | 2026-06-11 08:24:05 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.