IPDebrief

151.240.55.248

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 151.240.55.248

Date: 2026-06-11

---

**1. Profile Summary**

- Reported: Sioux Falls, South Dakota, USA (latitude 35.7, longitude 51.41)

- Conflict: Country code "IR" (Iran) in some signals, conflicting with U.S. geolocation. Verify data source accuracy.

- No direct malicious activity detected (no known campaigns, spam, or attacker lists).

- DNSBL Listings: 2 out of 8 total lists (high severity in 1 list).

- Operator Score: Minimal (0.13), suggesting limited network visibility.

---

**2. Observation History**

- Alienvault-OTX: Detected as a potential threat (pulse count: 1).

- DNSBL Listings: Listed in 8 blacklists (1 high-severity, 7 medium).

- Stability: Route stability score: 0.13 (minimal operator visibility).

- Geolocation Consistency: Mixed signals (U.S. vs. Iran).

---

**3. Network Relationships**

- Linked to 4 identical network entries (NET-151-240-55-0-24).

- Neighbor Risk:

- Medium Risk: 6 IPs (avg. score 50).

- Low Risk: 22 IPs (avg. score 25).

- High Risk: 0 IPs.

- Abuse Density: 0% (subnet not flagged for abuse).

---

**4. Threat & Mitigation**

- Monitor DNSBL Listings: The IP is listed in 8 DNSBLs, suggesting potential spam or abuse. Investigate if it’s part of a larger network.

- Geolocation Discrepancy: Verify the "IR" country code conflict. This could indicate data errors or misattribution.

- Subnet Context: While the subnet has low abuse density, 6 neighbors have medium risk. Consider monitoring traffic patterns.

- Firewall Actions:

- Block traffic from this IP if it aligns with known malicious behavior.

- Add to DNSBL monitoring lists for further analysis.

---

**5. Recommendations**

1. Validate the geolocation discrepancy and investigate the "IR" country code.

2. Monitor DNSBL activity and check for upstream network ties to high-risk IPs.

3. Use the subnet’s neighbor data to identify potential lateral movement risks.

4. Apply firewall rules to restrict traffic from this IP if it persists in threat lists.

Product: IPDebrief | Copyright: 2026 Jason Alberino. All rights reserved.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡¦πŸ‡ͺ United Arab Emirates
RegionSouth Dakota
CitySioux Falls
TimezoneAsia/Dubai
Latitude23.42
Longitude53.85

🏒 Ownership & Registration

OrganizationPrivate Customer
ASNAS137409
Network NameNET-151-240-55-0-24
CIDR Block151.240.55.0/24
RIRRIPE
CountryVG
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo β€” PTR hostname does not resolve back to this IP (weak signal)

πŸ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierUnknown β€” Insufficient routing data to classify
No specific classification

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
13%
11
routing
13%
11
services
13%
11
ownership
27%
23
reputation
0%
00
geolocation
13%
11
Overall13%67
Coverage: 5/6 dimensions Β· Data sufficiency: partial
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-28 00:15:59 UTC
Last Seen2026-06-11 12:52:11 UTC
Profile Built2026-06-11 13:02:39 UTC
Data FreshnessLive
Signal Types15
Total Observations15
πŸ” 15 signal types Β· 15 observations collected
This report is generated from 15+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.