IPDebrief

95.141.17.194

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# INTELLIGENCE BRIEFING: 95.141.17.194/32

Date: 2026-06-24

Classification: Moderate Risk / High-Abuse Context

Target IP: 95.141.17.194/32

---

## 1. OWNERSHIP & GEOGRAPHY

The target IP belongs to ASN 202596 (G.Network Administrators), registered under RIR RIPE. Geolocation data identifies the IP as located in England, City of London, GB. DNS resolution points to the hostname 95.141.17.194.g.network within the g.network domain infrastructure. Email authentication records show SPF and DMARC configurations present.

Key Attributes:

---

## 2. RISK ASSESSMENT

Current Risk Profile:

Control Plane Indicators:

---

## 3. CRITICAL CONTEXTUAL RISK: SUBNET ANALYSIS

Subnet: 95.141.17.0/24

MetricValue
Abuse Density71.09%
Classification**HIGH ABUSE**
Total Siblings256
Active Siblings121
Threat Siblings182

Analysis: The target IP resides in a subnet exhibiting severe abuse characteristics. The 71% abuse density indicates that 182 of 256 addresses in this /24 have been observed with malicious activity. This contextual risk significantly elevates the threat posture beyond the IP's individual risk score of 50. Network defenders should treat all traffic from this subnet with heightened scrutiny.

---

## 4. NETWORK SERVICES & THREAT INDICATORS

Service Discovery:

Threat Indicators:

Campaign Intelligence:

---

## 5. OBSERVATION HISTORY

Historical Activity: 22 total observations recorded

Notable Timeline Events:

Temporal Analysis:

---

## 6. RELATIONSHIP MAPPING

Relationships Identified: 66 total

---

## 7. RECOMMENDATIONS FOR SOC ANALYSTS

Immediate Actions:

1. Block or Rate-Limit: Consider blocking inbound connections to this subnet (95.141.17.0/24) given the 71% abuse density

2. Monitor Outbound: Investigate any outbound connections FROM hosts on this subnet to external networks

3. Log All Traffic: Enable comprehensive logging for all traffic to/from this IP range

Network Defense Rules:

Further Investigation:

---

Report Generated By: IPDebrief Intelligence Platform

Data Sources: 6+ intelligence feeds, 22 historical observations, 66 relationship mappings

Classification Level: Internal Security Use Only

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฌ๐Ÿ‡ง United Kingdom
RegionEngland
CityCity of London
TimezoneEurope/London
Latitude51.52
Longitude-0.09

๐Ÿข Ownership & Registration

OrganizationG.Network Administrators
ASNAS202596
Network Nameโ€”
CIDR Blockโ€”
RIRRIPE
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR95.141.17.194.g.network
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames95.141.17.194.g.network

๐Ÿ” DNS Hygiene

Hygiene Score60% (Good)
SPFPresent
DMARCPresent
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierUnknown โ€” Insufficient routing data to classify
No specific classification

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
33%
23
routing
13%
11
services
8%
11
ownership
24%
23
reputation
31%
13
geolocation
30%
23
Overall23%914
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-07 23:04:51 UTC
Last Seen2026-06-26 18:11:50 UTC
Profile Built2026-06-26 08:24:51 UTC
Data FreshnessLive
Signal Types20
Total Observations23
๐Ÿ” 20 signal types ยท 23 observations collected
This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.