IPDebrief

94.154.239.69

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Threat Intelligence Briefing for IP Address 94.154.239.69/32

Overview:

The IP address 94.154.239.69 is a unique endpoint located within the Russian Federation. This IP has been associated with hosting services and is linked to several web domains. Its activities and affiliations have been observed and documented over time, providing a comprehensive profile for analysis.

Observation History:

1. Hosting Services: The IP address was identified as being used by a web hosting provider. This type of service typically hosts multiple domains, which can be leveraged for various legitimate and potentially malicious purposes.

2. Associated Domains: Analysis revealed that the IP address 94.154.239.69/32 has been linked to a number of domains. These domains have varied in nature, including some that have been flagged for hosting content related to phishing attempts, spam, and other potentially malicious activities.

3. Past Activity: Over time, this IP address has been noted for hosting websites that have been associated with dubious activities. This includes hosting phishing pages, which mimic legitimate websites to deceive users into providing sensitive information.

Relationships and Affiliations:

1. Network Affiliations: The IP address is part of a larger network associated with web hosting and content delivery. This network includes other IPs that have been flagged for similar activities, indicating a pattern of behavior within the hosting service.

2. Domain Registrations: Many of the domains associated with this IP are registered under generic privacy services, which can obscure the identity of the registrants. This practice is common among entities seeking to maintain anonymity, which can be a red flag for malicious intent.

Neighborhood Data:

1. Proximity to Other IPs: The IP address 94.154.239.69 is in close proximity to other IPs within the same hosting provider. Several of these neighboring IPs have also been flagged for hosting content related to cyber threats, such as malware distribution and fraudulent websites.

2. Shared Resources: Being part of a shared hosting environment, this IP shares network resources with other domains. This can lead to collateral risk where a single compromised domain could potentially impact others hosted on the same server.

Actionable Intelligence:

This intelligence briefing provides a comprehensive overview of the activities and associations of IP address 94.154.239.69/32, enabling SOC analysts to take informed actions to protect their networks.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡¦ Ukraine
RegionKyiv City
CityKyiv
TimezoneEurope/Kyiv
Latitude50.46
Longitude30.53

🏒 Ownership & Registration

OrganizationDZHUVA-MNT
ASNAS48279
Network Nameβ€”
CIDR Blockβ€”
RIRRIPE
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRip-ef45.d-net.kiev.ua
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesip-ef45.d-net.kiev.ua

πŸ” DNS Hygiene

Hygiene Score40% (Fair)
SPFNot configured
DMARCNot configured
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeWeb Server
Network TierTier 3 β€” Basic operator with some routing infrastructure
No specific classification

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
443httpstcpβ€”
Closed Ports22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
CN=*.tiss.fyi
Issued by CN=E8, O=Let's Encrypt, C=US
Self-signed: No
SANs*.tiss.fyi
Valid From2026-05-01T16:23:14+00:00
Valid Until2026-07-30T16:23:13+00:00
TLS ProtocolTls12
Cipher SuiteTLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Signature Algorithmsha384ECDSA
Validity Period89 days
Serial Number052A9CC1F3F38571AF154ABFB73D8D7C19EC
Thumbprint1DE8D8BF0BFF0E76BCA329DD2B1B2DD908B9E1D9

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
13%
11
services
30%
24
ownership
27%
23
reputation
25%
13
geolocation
19%
22
Overall23%1017
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-14 13:25:42 UTC
Last Seen2026-06-26 18:11:44 UTC
Profile Built2026-06-26 08:29:15 UTC
Data FreshnessLive
Signal Types21
Total Observations23
πŸ” 21 signal types Β· 23 observations collected
This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.