195.19.49.129📋 Copy

IP Intelligence Briefing: 195.19.49.129

Date: 2026-06-10

---

**1. Core Profile**

• Risk Score: 65 (Moderate Risk)
• Ownership:

- ASN: AS57529 (ZAO GTNT, Russia)

- Geolocation: Moscow, Russia (55.74°N, 37.61°E)

- Network: 195.19.48.0/20

• Threat Indicators:

- No active malware, phishing, or exploit activity detected.

- Flagged as a compromised server (proxy check).

- Listed in 3 DNSBLs (high-severity threat feeds).

---

**2. Observation History**

• Recent Activity (Last 30 Days):

- DNSBL Listings: 1 high-severity listing (confidence: 0.85).

- Network Changes: No ownership shifts or persistent malicious behavior.

- Proxy Flags: Marked as a "compromised server" (proxy type).

- Subnet Abuse: 0 abuse density in 195.19.49.0/24.

---

**3. Network Relationships**

• Linked Entities:

- Same network: GTNT (ZAO GTNT, Russia).

- No direct connections to known C2 servers, CDN nodes, or Tor relays.

• Subnet Neighbors:

- 1 active neighbor (195.19.49.128) with a low risk score (25).

- Subnet abuse density: 0% (clean).

---

**4. Technical Characteristics**

• Services: No open ports or TLS services detected.
• DNS:

- No PTR records or domain associations.

- DNSSEC validated.

• Network Role: Firewalled infrastructure with no public services.

---

**5. Recommendations**

• Monitoring: Continuously monitor for DNSBL reappearances or subnet changes.
• Firewall: Block traffic to this IP unless explicitly required.
• Investigation: Verify the compromised server flag with internal logs.

Final Assessment: Moderate risk due to DNSBL associations, but no direct malicious activity observed. Subnet appears clean.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.