195.96.139.253
IP Intelligence Briefing: 195.96.139.253
Date: 2026-06-09
---
**1. Risk Profile**
- Overall Risk Score: 25 (Low Risk)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or known attackers).
- Ownership:
- ASN: 211298 (Driftnet Hostmaster)
- Network: UK-DRIFTNET-20260127 (RIPE)
- Geolocation: London, United Kingdom (51.5°N, 0.12°W).
- Network Role: Unassigned infrastructure; no cloud, CDN, or residential indicators.
---
**2. Observation History**
- Recent Activity:
- DNSSEC validation confirmed (operator score: 0.26).
- Subnet (195.96.139.0/24) registered under Driftnet Hostmaster.
- No persistent malicious activity or threat observations.
- Temporal Trends: No ownership or threat persistence detected.
---
**3. Relationships**
- DNS Associations:
- Linked to `r5-253-fd.monitoring.internet-measurement.com` (multiple entries).
- Network Affiliation:
- Shared subnet with 100 IPs (195.96.139.0/24).
- No direct ties to known malicious networks.
---
**4. Neighborhood Analysis**
- Subnet Abuse Density: 0% (low risk).
- Neighbor Risk Distribution:
- High Risk: 0 IPs
- Medium Risk: 33 IPs
- Low Risk: 67 IPs
- Notable Neighbors:
- 195.96.139.2 (0 risk), 195.96.139.3 (40 risk), 195.96.139.4 (25 risk).
---
**5. Actionable Insights**
- Monitor Subnet: While the IP itself is low-risk, the subnet contains medium-risk neighbors. Monitor for unusual traffic patterns.
- Verify DNS: The DNS association with `internet-measurement.com` appears benign but should be validated for potential spoofing risks.
- No Immediate Mitigation: No firewall rules or security actions recommended due to low risk.
---
Conclusion:
195.96.139.253 is a low-risk IP associated with a Driftnet-hosted network in London. No malicious indicators were found, but the subnet contains mixed-risk neighbors. SOC teams should prioritize monitoring the subnet for emerging threats rather than targeting this IP directly.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Driftnet Hostmaster |
| ASN | AS211298 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | r5-253-fd.monitoring.internet-measurement.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | r5-253-fd.monitoring.internet-measurement.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-21 08:54:59 UTC |
| Last Seen | 2026-06-26 14:31:26 UTC |
| Profile Built | 2026-06-09 09:04:51 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |
Full dossier details are available via our API.