IP Intelligence Briefing: 151.240.55.248
Date: 2026-06-11
---
**1. Profile Summary**
- Risk Score: Moderate (50/100)
- Ownership: Private customer (ASN 137409, RIPE registry)
- Geolocation:
  - Reported: Sioux Falls, South Dakota, USA (latitude 35.7, longitude 51.41)
  - Conflict: Country code "IR" (Iran) in some signals, conflicting with U.S. geolocation. Verify data source accuracy.
- Threat Indicators:
- No direct malicious activity detected (no known campaigns, spam, or attacker lists).
- DNSBL Listings: 2 out of 8 total lists (high severity in 1 list).
- Operator Score: Minimal (0.13), suggesting limited network visibility.
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- Alienvault-OTX: Detected as a potential threat (pulse count: 1).
- DNSBL Listings: Listed in 8 blacklists (1 high-severity, 7 medium).
- Stability: Route stability score: 0.13 (minimal operator visibility).
- Geolocation Consistency: Mixed signals (U.S. vs. Iran).
---
**3. Network Relationships**
- Subnet: 151.240.55.0/24
- Key Relationships:
  - Linked to 4 identical network entries (NET-151-240-55-0-24).
- Neighbor Risk:
  - Medium Risk: 6 IPs (avg. score 50).
  - Low Risk: 22 IPs (avg. score 25).
  - High Risk: 0 IPs.
- Abuse Density: 0% (subnet not flagged for abuse).
---
**4. Threat & Mitigation**
- Actionable Insights:
  - Monitor DNSBL Listings: The IP is listed in 8 DNSBLs, suggesting potential spam or abuse. Investigate if it's part of a larger network.
  - Geolocation Discrepancy: Verify the "IR" country code conflict. This could indicate data errors or misattribution.
  - Subnet Context: While the subnet has low abuse density, 6 neighbors have medium risk. Consider monitoring traffic patterns.
- Firewall Actions:
  - Block traffic from this IP if it aligns with known malicious behavior.
  - Add to DNSBL monitoring lists for further analysis.
---
**5. Recommendations**
1. Validate the geolocation discrepancy and investigate the "IR" country code.
2. Monitor DNSBL activity and check for upstream network ties to high-risk IPs.
3. Use the subnet's neighbor data to identify potential lateral movement risks.
4. Apply firewall rules to restrict traffic from this IP if it persists in threat lists.
Product: IPDebrief | Copyright: 2026 Jason Alberino. All rights reserved.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Private Customer |
| ASN | AS137409 |
| Network Name | NET-151-240-55-0-24 |
| CIDR Block | 151.240.55.0/24 |
| RIR | RIPE |
| Country | VG |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No; PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown (insufficient routing data to classify) |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-28 00:15:59 UTC |
| Last Seen | 2026-06-11 12:52:11 UTC |
| Profile Built | 2026-06-11 13:02:39 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 15 |