Witness AI: This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 89.175.252.170
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: Low Risk (0/100)
- Ownership: Registered to MTU-NOC (Russia) under the Customers_SPB_R12 network.
- Geolocation: Moscow, Russia (55.75°N, 37.62°E).
- Network Role: Firewalled system with no open ports or services detected.
---
**2. Threat Indicators**
- No malicious activity: No indicators of spam, known attackers, or blacklisted activity.
- DNS: No PTR records or domain associations. DNS lookups timed out.
- TLS/HTTP: No certificates, open ports, or web server banners detected.
---
**3. Network Behavior**
- BGP Prefix: Part of 89.175.248.0/21 (MTS, Russia).
- Subnet: 89.175.252.0/24. No active neighboring IPs detected.
- Abuse Density: 0% (no malicious sibling IPs in subnet).
---
**4. Observation History**
- Recent Activity:
  - DNS lookup failures (likely misconfigured or private IP).
  - No changes in ownership or threat observations over 30 days.
  - Stable BGP prefix with no route instability.
---
**5. Relationships**
- Network Associations: Linked to Customers_SPB_R12 (MTU-NOC).
- DNS: No resolved hostnames or email authentication records (SPF/DKIM).
---
**6. Recommendations**
- Monitor: Track for unexpected DNS resolution or service exposure.
- Geopolitical Context: Consider Russia-related network traffic policies.
- Firewall: No immediate action required, but isolate if unusual activity emerges.
---
Conclusion: This IP is low-risk and appears to be a private, firewalled system in Moscow, Russia. No immediate threat detected, but ongoing monitoring is advised due to its geopolitical location and lack of DNS visibility.
Ownership & Registration
| Organization | MTU-NOC |
| ASN | AS8359 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
TLS Certificate
No certificate
Issued by: -
N/A
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 2 |
| routing | 25% | 1 | 1 |
| services | 19% | 1 | 2 |
| ownership | 30% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 13% | 1 | 1 |
| Overall | 21% | 8 | 11 |
Coverage: 6/6 dimensions · Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership · FCrDNS · Geo Consensus · Geo Plausible · IRR Match · RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 03:09:46 UTC |
| Last Seen | 2026-06-08 05:19:54 UTC |
| Profile Built | 2026-06-08 05:44:28 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 21 |
20 signal types · 21 observations collected
This report is generated from 20+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
About This Report
All data shown is publicly available network metadata; IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.