IP Intelligence Briefing: 170.187.158.202/32
Date: June 14, 2026
1. Risk Profile
- Overall Risk: Low Risk (Risk Score: 25)
- Provider: Linode (ASN: 63949)
- Geolocation: United States (GA, Atlanta), ARIN-registered.
- Network Role: Cloud hosting infrastructure (Linode).
- Threat Indicators: No malicious activity detected (no DNS/IP threats, spam, or known attackers).
2. Observation History
- Latest Activity: June 14, 2026: Classified as a cloud compute instance (Linode).
- Historical Trends: Subnet (170.187.158.0/24) has 1 abuse density incident, with 2 threat siblings.
- Stability: BGP route stable (no recent changes).
3. Network Relationships
- Linked Entities:
  - Same network: Linode (cloud hosting provider).
  - Subnet: 170.187.158.0/24 (abuse density: 1, classified as "mostly clean").
- Neighbors:
  - 170.187.158.119 (Risk Score: 25, same risk level).
  - Subnet has 2 threat siblings, but no direct connections to this IP.
4. Actionable Insights
- SOC Guidance:
  - Monitor the 170.187.158.0/24 subnet for anomalies, as it contains threat siblings.
  - Verify Linode-hosted instances for potential misconfigurations or compromised containers.
  - No immediate blocking required; focus on subnet-level monitoring.
5. Recommendations
- Add 170.187.158.0/24 to threat intelligence feeds for ongoing subnet abuse tracking.
- Validate Linode's security posture and ensure cloud workloads are patched.
Conclusion:
The IP is a low-risk Linode-hosted server with no direct malicious indicators. However, its subnet contains potential threats, warranting closer scrutiny. No immediate action is required, but continued monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Linode |
| ASN | AS63949 |
| Network Name | - |
| CIDR Block | 170.187.144.0/20 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | prod-boron-us-southeast-24.li.binaryedge.ninja |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 20% | 2 | 3 |
| services | 21% | 2 | 2 |
| ownership | 22% | 3 | 4 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 26% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-08 23:18:10 UTC |
| Last Seen | 2026-06-27 14:22:53 UTC |
| Profile Built | 2026-06-28 08:28:46 UTC |
| Data Freshness | Live |
| Signal Types | 29 |
| Total Observations | 34 |