94.157.49.253
IP Intelligence Briefing: 94.157.49.253
Date: 2026-05-29
---
**1. Core Profile**
- Risk Rating: Low Risk (25/100) | No active threats or malicious indicators detected.
- Ownership:
- ASN: 50266 (Access & transport)
- Country: Netherlands (NL) | Region: Gelderland | City: Arnhem
- Network Role: Firewalled / No Services | No open ports or TLS certificates detected.
- DNS:
- PTR hostname: `253-49-157-94.ftth.glasoperator.nl`
- Linked to domain `glasoperator.nl` (SPF validated, no DMARC).
---
**2. Threat & Abuse Indicators**
- Threat Feeds: No malicious indicators (no spam, malware, or known attacker associations).
- DNSBL Listings: 1/8 DNSBL lists (low priority).
- Subnet Abuse:
- Subnet: 94.157.49.253/24
- Abuse Density: 0.5 (mixed risk, 1 threat sibling in subnet).
---
**3. Network Relationships**
- Shared Network: NL-ODIDO-20080903 (Access & transport)
- DNS Associations:
- `253-49-157-94.ftth.glasoperator.nl` (PTR record).
- Geolocation Consensus: Plausible (52.13°N, 5.29°E, ±150km accuracy).
---
**4. Neighborhood Analysis**
- Subnet Neighbors:
- 1 neighbor in 94.157.49.0/24:
- 94.157.49.131 (Risk Score: 25, Authority Score: 60).
- Subnet Risk: Mostly clean (abuse density 0.5), but 1 neighbor shows higher risk.
---
**5. Behavioral & Technical Notes**
- BGP: Valid DNSSEC, no route stability issues.
- Hosting: No CDN, cloud, or residential indicators.
- Email: SPF validated, no DMARC or CAA records.
---
**6. SOC Recommendations**
- Monitor: Subnet neighbors (e.g., 94.157.49.131) for potential lateral movement.
- Verify: DNS associations with `glasoperator.nl` for domain reputation checks.
- Block: Consider blocking high-risk neighbors if they correlate with future threats.
Conclusion: Low-risk IP with no direct threats, but subnet-level monitoring is advised due to mixed abuse density.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Access & transport |
| ASN | AS50266 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 253-49-157-94.ftth.glasoperator.nl |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 253-49-157-94.ftth.glasoperator.nl |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 17% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-13 12:14:03 UTC |
| Last Seen | 2026-06-06 22:14:51 UTC |
| Profile Built | 2026-06-06 22:18:33 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.