IPDebrief

162.158.210.69

IP Intelligence Dossier
🤖 Witness AI

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## INTELLIGENCE BRIEFING: 162.158.210.69/32

Classification: CDN Edge Node (Cloudflare)

Risk Assessment: Moderate Risk (Score: 40/100)

Reporting Date: Current Analysis

Data Sources: IPDebrief Intelligence Platform

---

EXECUTIVE SUMMARY

IP 162.158.210.69 is a Cloudflare CDN infrastructure endpoint operating within the CLOUDFLARENET network. The IP is classified as a firewalled endpoint with no active services. While the immediate threat indicators are absent, the /24 subnet demonstrates elevated abuse density (0.973) with 36 of 37 sibling IPs flagged as threats. This suggests the subnet is actively utilized for malicious activities, though the specific target IP remains a legitimate CDN edge node.

---

OWNERSHIP AND GEOGRAPHY

| Attribute | Value |
|---|---|
| ASN | 13335 |
| Organization | Cloudflare, Inc. |
| Country | United States (US) |
| RIR | ARIN |
| BGP Prefix | 162.158.208.0/22 |
| Geographic Consensus | US (Sofia, Sofia-Capital region) |

---

NETWORK CLASSIFICATION

Primary Classification: Content Delivery Network (CDN)

Infrastructure Type: CDN

Service Status: Firewalled / No Services

CDN Provider: Cloudflare

Classification Flags:

---

THREAT INDICATORS

| Indicator | Status |
|---|---|
| Threat Indicators | None |
| Blacklist Count | 0 |
| Pulsedive Risk | N/A |
| Known Campaigns | None |
| Is Known Attacker | False |
| Is Spam Source | False |
| Abuse Confidence Score | N/A |

DNSBL Status: Listed on 1 of 8 total lists (minimal operator impact)

---

OBSERVATION HISTORY

Total Observations: 19 signals

Observation Period: 2026-06-06 to 2026-06-14

Threat Persistence: 0 days

Ownership Changes: 0

Recent Signals:

Temporal Analysis: No persistent malicious activity detected. The IP has maintained consistent CDN infrastructure classification throughout the observation period.

---

NETWORK NEIGHBORHOOD ANALYSIS

Subnet: 162.158.210.0/24

Total Siblings: 37

Active Siblings: 37

Risk Distribution:

Abuse Density: 0.973 (High Abuse Classification)

Threat Siblings: 36 of 37 IPs

Neighboring IPs of Concern:

Assessment: The /24 subnet exhibits significant abuse activity. While 162.158.210.69 remains a legitimate CDN endpoint, the surrounding infrastructure is actively exploited. This warrants monitoring for potential abuse of the Cloudflare infrastructure.

---

RELATIONSHIP GRAPH

Connected Entities: 23 relationships identified

Primary Relationship Type: Same Network (CLOUDFLARENET)

Network Affiliation: All relationships map to Cloudflare

---

ACTIONABLE RECOMMENDATIONS FOR SOC ANALYSTS

1. Traffic Classification

2. Monitoring Parameters

3. Threat Context

4. Response Protocols

---

INTELLIGENCE SUMMARY FOR SOC OPERATIONS

Final Risk Rating: Moderate (Score: 40/100)

Key Takeaways:

Confidence Level: High (Based on 19 observations over 8-day period)

Next Review Date: 2026-06-21 (7-day interval recommended)

---

End of Intelligence Briefing

*Intel generated by IPDebrief Platform | For authorized SOC use only*


🌍 Geolocation

Country: 🇺🇸 United States
Region: Sofia-Capital
City: Sofia
Timezone: —
Latitude: 42.70
Longitude: 23.32

🏒 Ownership & Registration

Organization: Cloudflare, Inc.
ASN: AS13335
Network Name: —
CIDR Block: —
RIR: ARIN
Country: —
Abuse Contact: Available via RDAP

🌐 DNS Intelligence

PTR Record: No PTR
Forward Confirmed: No — PTR hostname does not resolve back to this IP (weak signal)

πŸ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

☁️ Network Classification

Infrastructure: Infrastructure / Datacenter
Service Purpose: Firewalled / No Services
Network Tier: Hosting — Infrastructure provider without advanced routing
CDN

🔌 Services & Open Ports

| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

Closed Ports: 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Server: —
HTTP Title: —

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 17% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 10 | 15 |

Coverage: 6/6 dimensions · Data sufficiency: sufficient
Data Coherence: Consistent (100%)
Attribution: Moderate (50%)
Attribution factors: Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

📅 Observation Timeline 🔄 Live

First Seen: 2026-05-13 06:37:17 UTC
Last Seen: 2026-06-27 22:40:28 UTC
Profile Built: 2026-06-28 16:49:07 UTC
Data Freshness: Live
Signal Types: 19
Total Observations: 22
πŸ” 19 signal types Β· 22 observations collected
This report is generated from 19+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.