188.143.232.193
# IP Intelligence Briefing: 188.143.232.193/32
Classification: Moderate Risk | Date: 2026-06-18 | Source: IPDebrief Intelligence Platform
## Executive Summary
IP address 188.143.232.193 is associated with Petersburg Internet Network Ltd. (ASN 34665) in St. Petersburg, Russia. The IP presents a moderate risk profile (risk score: 40) with no active threat indicators observed. However, the /24 subnet (188.143.232.0/24) exhibits elevated abuse density (0.7812) with high-abuse classification, warranting defensive monitoring.
---
## Profile & Ownership
| Attribute | Value |
|---|---|
| **Risk Score** | 40 (Moderate) |
| **ASN** | 34665 (PINDC-AS) |
| **Organization** | Leon Lundberg / Petersburg Internet Network ltd., RU |
| **Country/Region** | Russia / St. Petersburg |
| **BGP Prefix** | 188.143.232.0/23 |
| **DNSSEC** | Valid |
| **CAA Records** | Present |
---
## Network Classification
The IP is classified as firewalled with no active services detected. Classification flags:
- Not CDN, Cloud, VPN, Proxy, Tor, Mobile, Hosting, or Residential
- Not bogon or anycast
- Forward resolution: Unconfirmed
- No PTR hostnames recorded
---
## Threat Indicators
Current Status: No active threat indicators
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Active Campaigns: None
- Blacklist Count: 0
- DNSBL Listed: 1 of 8 total lists
---
## Subnet Neighborhood Analysis
Subnet: 188.143.232.0/24
| Metric | Value |
|---|---|
| Abuse Density | 0.7812 (High Abuse) |
| Inherited Risk | 31 |
| Total Siblings | 256 |
| Active Siblings | 124 |
| Threat Siblings | 200 |
| Risk Distribution | 0 High, 8 Medium, 92 Low |
The /24 subnet demonstrates significant abuse prevalence with 200 threat-sibling IPs identified.
---
## Control Plane & Routing
| Metric | Status |
|---|---|
| Route Stable | **False** |
| Route Changes (30d) | 0 |
| RPKI State | Not Available |
| IRR Consistency | Not Available |
| Operator Score | 0.2174 (Minimal) |
| MOAS | No |
---
## Temporal & Behavioral History
Observation Count: 21 signals over monitoring period
Key Historical Signals:
- 2026-06-18: ASN 34665 attribution via Team Cymru DNS (confidence: 0.85)
- 2026-06-04: Minimal operator score (0.2174)
- 2026-06-03: High abuse density classification (0.7812)
- 2026-06-03: Network role classification (confidence: 0.30)
Behavioral Metrics:
- Honeypot Hits: 0
- Enumeration Strikes: 0
- WAF Violations: 0
- Persistently Malicious: No
---
## Relationship Graph
Total Relationships: 72
- Multiple "Same Network" relationships to LeonLundberg-net network entity
- No external organization or hostname relationships identified
---
## Recommended Actions
Firewall Blocking Rules Available:
```bash
# iptables
iptables -A INPUT -s 188.143.232.193 -j DROP
# nftables
nft add rule inet filter input ip saddr 188.143.232.193 drop
# nginx
deny 188.143.232.193;
# Cloudflare WAF
Filter: ip.src eq 188.143.232.193 (Block)
# AWS WAF
Addresses: 188.143.232.193/32
```
---
## Analyst Notes
1. Subnet Context: Despite moderate IP-level risk score, the /24 subnet shows high abuse density. Consider implementing subnet-level monitoring or blocking rules if the threat surface warrants.
2. No Active Services: The target IP is not hosting detectable services, reducing immediate exploitation risk.
3. Geographic Concentration: All intelligence originates from Russian infrastructure. Coordinate with threat intelligence feeds for regional context.
4. Monitoring Recommendation: Continue passive monitoring. No escalation required at this time, but maintain awareness of subnet-level activity patterns.
5. Action Threshold: Risk score of 40 falls within moderate category. Implement defensive controls based on organizational risk tolerance.
---
*Intelligence generated by IPDebrief Platform. This briefing is based on passive observations and should be validated through additional context before operational deployment.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Leon Lundberg |
| ASN | AS34665 |
| Network Name | โ |
| CIDR Block | 188.143.232.0/23 |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 40% | 2 | 3 |
| services | 20% | 2 | 3 |
| ownership | 28% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 28% | 2 | 3 |
| Overall | 28% | 12 | 20 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:48 UTC |
| Last Seen | 2026-06-26 18:11:47 UTC |
| Profile Built | 2026-06-25 14:03:47 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 26 |
Full dossier details are available via our API.