161.115.239.71

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 161.115.239.71/32

Classification: LOW RISK / RESIDENTIAL ENDPOINT

Analysis Date: 2026-06-05

Primary Source: IPDebrief Intelligence Platform

---

## EXECUTIVE SUMMARY

IP 161.115.239.71 is classified as a low-risk residential endpoint hosted by Flux Telecom, LLC (ASN 6079). The IP demonstrates minimal threat indicators, no known malicious activity, and belongs to a residential service provider infrastructure. While the broader subnet shows mixed classification characteristics, this specific IP presents no immediate threat to network security operations.

---

## OWNERSHIP & INFRASTRUCTURE

Attribute	Value
ASN	6079 (Flux Telecom, LLC)
Registration	ARIN
Location	Los Angeles, California, CA
Network Role	Residential Endpoint
Classification	Residential (not CDN, Cloud, VPN, or Proxy)
BGP Prefix	161.115.232.0/21
Route Stability	Stable

The IP operates as a standard residential endpoint with no evidence of infrastructure abuse. RPKI validation and routing stability indicate legitimate BGP operations.

---

## THREAT INDICATORS

Current Threat Profile:

Risk Score: 25 (Low Risk)
Blacklist Count: 0
Known Attacker: No
Tor Exit Node: No
Spam Source: No
DNSBL Listed: 1 (out of 8 total lists)

No active threat indicators detected. The IP does not match known campaigns or correlate with attacker infrastructure patterns.

---

## NETWORK NEIGHBORHOOD ANALYSIS

Subnet: 161.115.239.0/24

Metric	Value
Total Siblings	16 IPs
Abuse Density	0.5 (mixed classification)
Threat Siblings	8 out of 16
Risk Distribution	Low risk (all 16 neighbors)
Inherited Risk	20

Neighborhood Note: The /24 subnet exhibits mixed classification with 50% threat sibling ratio. However, this specific IP (161.115.239.71) maintains low risk characteristics independent of neighborhood context.

---

## OBSERVATION HISTORY

Temporal Analysis: 18 historical observations tracked since 2026-06-05

Geolocation Consistency: Stable California/US assignment with minor geolocation signal variance
Operator Score: 0.2609 (Basic)
Threat Persistence: None detected
Campaign Correlation: Zero matches across threat intelligence feeds

The IP demonstrates consistent benign behavior with no degradation or escalation in threat profile over the observation period.

---

## RECOMMENDED ACTIONS

Firewall/Security Recommendations:

NO BLOCKING REQUIRED - Low-risk residential endpoint
Standard residential traffic monitoring applies
No specific firewall rules recommended beyond baseline network policies

SOC Analyst Guidance:

Monitor as standard residential IP
No immediate investigation warranted
If this IP appears in logs: treat as legitimate residential user traffic
Consider for residential proxy detection if traffic patterns indicate abuse

---

## INDICATORS FOR INTEGRATION

Indicator Type	Value	Confidence
IP Address	161.115.239.71	N/A (Low Risk)
ASN	6079	N/A
Organization	Flux Telecom, LLC	N/A

---

END OF BRIEFING

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇨🇦 Canada
Region	California
City	Los Angeles
Timezone	—
Latitude	33.96
Longitude	-118.39

🏢 Ownership & Registration

Organization	Flux Telecom, LLC
ASN	AS6079
Network Name	—
CIDR Block	161.115.232.0/21
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Residential
Service Purpose	Residential Endpoint
Network Tier	End-User — Residential ISP endpoint

Residential

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	3
routing	24%	2	3
services	15%	2	2
ownership	24%	3	4
reputation	13%	1	2
geolocation	19%	2	2
Overall	20%	12	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Geo sources disagree on country: US, CA

📅 Observation Timeline 🔄 Live

First Seen	2026-05-10 04:11:33 UTC
Last Seen	2026-06-25 22:26:34 UTC
Profile Built	2026-06-25 22:43:29 UTC
Data Freshness	Live
Signal Types	20
Total Observations	22

🔍 20 signal types · 22 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

161.115.239.71📋 Copy