138.43.155.212
IP Intelligence Briefing: 138.43.155.212
Date: 2026-06-12
---
**1. Risk Assessment**
- Risk Score: 25 (Low Risk)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or known attacker associations).
- DNSBL Listing: 1/8 threat feeds flagged the IP (low confidence).
---
**2. Ownership & Geolocation**
- Organization: Highland Communications LLC (ASN 395437, ARIN-registered).
- Location: Huntsville, TN, US (latitude 36.41, longitude -84.49).
- Network: Part of the 138.43.128.0/18 CIDR block (HCL-73 netname).
---
**3. Network Configuration**
- Firewalled: No open ports or services detected (no TLS certs, HTTP banners, or active DNS records).
- DNS:
- PTR hostname: `138-43-155-212.ftth.nrma2.highland.net`.
- SPF record: `v=spf1 include:spf1.neonova.net ip4:139.60.0.209 -all` (valid, no DMARC).
- BGP: Prefix `138.43.155.0/24` (no route anomalies detected).
- DNSSEC: Validated.
---
**4. Threat Observations (Last 30 Days)**
- Total Signals: 13 (DNS, network, and DNSBL).
- Key Findings:
- 1 DNSBL listing (low severity).
- No persistent malicious activity or campaign correlations.
- Stable network configuration with no ownership changes.
---
**5. Relationships & Neighbors**
- Network Affiliations:
- Same subnet (`138.43.155.0/24`) and organization (Highland Communications LLC).
- DNS association with `highland.net` (no abuse indicators).
- Subnet Abuse Density: 0% (no risky neighbors identified).
---
**6. Recommendations**
- Monitor DNS: Track DNSBL listings and ensure SPF/DNSSEC configurations remain valid.
- Network Segmentation: Confirm firewalled environment limits access to this subnet.
- Threat Feeds: Re-evaluate DNSBL inclusion if operational context changes.
Conclusion: Low-risk IP with no active threats. No immediate action required, but ongoing monitoring is advised for DNS and network stability.
---
*Generated by IPDebrief for SOC operational use.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Highland Communications LLC |
| ASN | AS395437 |
| Network Name | HCL-73 |
| CIDR Block | 138.43.128.0/18 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 138-43-155-212.ftth.nrma2.highland.net |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 138-43-155-212.ftth.nrma2.highland.net |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 6% | 3 | 4 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-31 11:13:39 UTC |
| Last Seen | 2026-06-12 07:02:55 UTC |
| Profile Built | 2026-06-12 07:09:33 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 16 |
Full dossier details are available via our API.