154.57.216.142
IP Intelligence Briefing: 154.57.216.142
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: Moderate (65/100)
- Provider: Cogent Communications, LLC (ASN 135407)
- Geolocation: United States (Punjab, Lahore)
- Network Role: Firewalled / No Services
- Threat Status: No indicators of malicious activity (no blacklists, Tor, or known attackers).
---
**2. Observation History**
- Recent Activity (2026-06-17):
- Listed in 3/8 threat feeds (high severity).
- DNSSEC valid, but 2 DNSBL listings (minimal risk).
- Historical Trends (2026-06-11):
- 2/8 threat feeds flagged the IP (high severity).
- No persistent malicious behavior detected.
---
**3. Network Relationships**
- Subnet: 154.57.216.0/24 (owned by Cogent Communications).
- Neighbors:
- No active neighbors reported (0/1).
- Subnet abuse density: mostly clean (abuse density = 1).
---
**4. Threat Indicators**
- No Malicious Activity:
- No DNS, TLS, or HTTP anomalies.
- No open ports or active services detected.
- DNS: No PTR records or domain associations.
---
**5. Recommendations**
- Monitor: Track for new threat feed listings or network changes.
- Verify: Confirm geolocation accuracy (Lahore, Punjab, US).
- Firewall: No immediate blocking required, but consider rate-limiting if unusual traffic emerges.
---
Conclusion:
This IP is owned by a legitimate ISP with no active malicious indicators. While it has been flagged in threat feeds, the risk remains low. Continued monitoring is advised due to the moderate risk score and sparse subnet activity.
Tools Used: `ipdebrief_profile`, `ipdebrief_history`, `ipdebrief_relationships`, `ipdebrief_neighbors`.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cogent Communications, LLC |
| ASN | AS135407 |
| Network Name | β |
| CIDR Block | β |
| RIR | AFRINIC |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 18% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Fresh
| First Seen | 2026-05-07 23:03:48 UTC |
| Last Seen | 2026-06-26 14:31:07 UTC |
| Profile Built | 2026-06-26 00:22:40 UTC |
| Data Freshness | Fresh |
| Signal Types | 17 |
| Total Observations | 18 |
Full dossier details are available via our API.