128.127.94.174

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 128.127.94.174/32

Date: 2026-06-22

Classification: Operational Intelligence

Target: 128.127.94.174

---

## Executive Summary

IP address 128.127.94.174 is classified as Low Risk with a composite risk score of 30. The address is owned by Marek Malecki (ASN 35745) within the Polish network infrastructure and is currently firewalled with no active services. While the IP itself shows minimal threat indicators, the /24 subnet exhibits elevated abuse density (0.294), suggesting the address should be monitored within its network context.

---

## Ownership & Geolocation

Registrant: Marek Malecki (ASN 35745)
Network: Gecon-Gorzow (Poland)
Location: Janczewo, Poland (51.92°N, 19.15°E)
Timezone: Europe/Warsaw
RIR: ARIN
Registration Date: Available via RDAP

---

## Network Classification & Services

Primary Role: Firewalled / No Services
Open Ports: None detected
TLS Certificate: None
HTTP Title: None
DNS PTR: host-a174.net.gecon.com.pl
Forward Resolution: 1 hostname (com.pl)
Email Auth: No SPF/DMARC records detected

---

## Threat Indicators

Known Attacker: No
Spam Source: No
Tor Exit Node: No
Cloud/CDN/VPN/Proxy: No
Hosting/Residential/Mobile: No
Bogon Address: No
DNSBL Listed: 2 of 8 lists
Blacklist Count: 0
Campaign Correlation: None identified

---

## Control Plane Analysis

BGP Prefix: 128.127.80.0/20 (Origin ASN 35745)
Route Stability: NOT STABLE (isRouteStable: false)
Route Changes (30d): 0
RPKI State: Not verified
IRR Consistency: Not verified
DNSSEC Valid: Yes
Operator Score: 0.1304 (Minimal)

---

## Observation History

Total observations: 19

Date	Signal Type	Key Observations
2026-06-22	Minimal Risk	Risk score: 0, Operator score: 0
2026-06-17	DNSBL Activity	Listed on 2 of 8 lists (medium severity)
2026-06-02	Network Role	No special network characteristics detected

Temporal Analysis: No persistent malicious behavior observed. Ownership remains stable with zero changes. Threat observation count: 1.

---

## Neighborhood Risk Assessment (128.127.94.0/24)

Total Sibling IPs: 17
Abuse Density: 0.294 (Moderate-Elevated)
Risk Distribution: 5 High, 11 Medium, 1 Low
Inherited Risk Score: 14

High-Risk Neighbors:

128.127.94.12, 128.127.94.17, 128.127.94.26, 128.127.94.40, 128.127.94.50
128.127.94.54, 128.127.94.60, 128.127.94.62, 128.127.94.68, 128.127.94.73
128.127.94.81, 128.127.94.104, 128.127.94.140, 128.127.94.152, 128.127.94.167

---

## Relationship Graph

Total Relationships: 56
Primary Association: Gecon-Gorzow network (multiple same-network entries)

---

## Recommended Actions

Immediate:

1. Monitor traffic from subnet 128.127.94.0/24 due to elevated neighbor risk density

2. Track route stability anomalies for BGP 128.127.80.0/20

Firewall Rules:

Allow monitoring: `128.127.94.174/32`
Monitor traffic patterns from related subnet addresses

Threat Intel:

No immediate blocking recommended (Low Risk classification)
Add to watchlist for subnet-level correlation analysis

---

## Analyst Notes

The target IP is currently benign but operates within a moderately abusive subnet environment. The DNSBL listings (2 of 8 lists) observed on 2026-06-17 warrant continued monitoring. Route instability in the broader 128.127.80.0/20 block may indicate network-level reorganization. No direct threat indicators present against this specific host.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇵🇱 Poland
Region	08
City	Janczewo
Timezone	Europe/Warsaw
Latitude	51.92
Longitude	19.15

🏢 Ownership & Registration

Organization	Marek Malecki
ASN	AS35745
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	host-a174.net.gecon.com.pl
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`host-a174.net.gecon.com.pl`

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	26%	2	3
routing	13%	1	1
services	8%	1	1
ownership	20%	2	3
reputation	21%	1	3
geolocation	19%	2	2
Overall	18%	9	13

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:39 UTC
Last Seen	2026-06-22 13:13:19 UTC
Profile Built	2026-06-22 13:21:07 UTC
Data Freshness	Live
Signal Types	19
Total Observations	21

🔍 19 signal types · 21 observations collected

This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

128.127.94.174📋 Copy