171.25.158.70
IP Intelligence Briefing: 171.25.158.70/32
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
- ASN: 35100 (MNT-C2IP)
- Organization: KRONNET (Sweden)
- Geolocation: Vaxjo, Kronoberg County, Sweden (SE)
- Threat Indicators:
- No direct malicious activity detected (no indicators, blacklists, or campaigns).
- DNSBL listings: 2 out of 8 total lists.
- Network Role:
- Firewalled / No Services (no open ports, TLS, or HTTP signatures).
- BGP Prefix: 171.25.152.0/21 (high abuse density in subnet).
---
**2. Observation History**
- Recent Activity (June 2, 2026):
- Subnet abuse density: 64.29% (high abuse classification).
- 9 of 14 sibling IPs in the 171.25.158.0/24 subnet flagged as threats.
- No persistent malicious activity detected.
---
**3. Relationships & Context**
- Network Associations:
- Linked to KRONNET (same ASN/organization).
- DNS associations failed (timed out), suggesting potential misconfigurations or spoofing.
- Control Plane:
- DNSSEC valid,CAA present.
- Route stability: 0 changes in 30 days (stable).
---
**4. Neighborhood Analysis**
- Subnet: 171.25.158.0/24
- Abuse Density: 64.29% (high risk).
- Key Neighbors:
- 171.25.158.68 (risk: 65), 171.25.158.82 (risk: 65), 171.25.158.113 (risk: 66).
- 171.25.158.70 (risk: 50) is moderately risky compared to peers.
---
**5. Recommendations**
- Monitor Subnet: Elevated abuse density in 171.25.158.0/24 warrants closer scrutiny of neighbors.
- Verify DNS Configurations: Failed DNS associations may indicate spoofing or misconfigured resolvers.
- Check Network Segmentation: Ensure 171.25.158.70βs firewalled role is properly enforced.
- Review Threat Feeds: Despite no direct indicators, the subnetβs high abuse density suggests potential indirect risks.
---
End of Briefing
*Generated by IPDebrief β Cybersecurity Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | MNT-C2IP |
| ASN | AS35100 |
| Network Name | KRONNET |
| CIDR Block | 171.25.152.0/21 |
| RIR | APNIC |
| Country | SE |
| Abuse Contact | β |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 23% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:53 UTC |
| Last Seen | 2026-06-26 18:10:46 UTC |
| Profile Built | 2026-06-22 20:58:56 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 19 |
Full dossier details are available via our API.