170.39.89.186

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING: 170.39.89.186

Classification: Low Risk / Residential Endpoint

Date of Analysis: Current

Intel Source: IPDebrief Platform

## Executive Summary

IP address 170.39.89.186 was classified as a low-risk residential endpoint belonging to HERITAGE BROADBAND, LLC. The IP exhibited minimal threat indicators with a risk score of 25/100. No active malicious campaigns or known attacker signatures were detected. The address showed residential network characteristics consistent with legitimate broadband infrastructure.

## Network Profile

Organization: HERITAGE BROADBAND, LLC (ASN 398538)
Network Role: Residential Endpoint
Geolocation: United States, Texas (Jarrell area)
Network Classification: Residential, Non-Cloud, Non-CDN
Subnet: 170.39.89.0/24

## Threat Assessment

The IP address demonstrated a risk score of 25, categorized as Low Risk. Key findings:

Abuse Confidence Score: Not elevated
Blacklist Status: Listed on 1 of 8 DNSBL feeds
Known Attacker Status: Not flagged
Tor/Proxy Status: Not detected
Campaign Affiliation: No known campaign matches identified

## Neighborhood Analysis

The 170.39.89.0/24 subnet showed minimal abuse density with a "mostly clean" classification. Analysis revealed:

Abuse Density Score: 1 (minimal)
Threat Siblings: 1 threat-related IP identified in subnet
Inherited Risk: 2
Total Sibling IPs: 1
Active Siblings: 0

## Service Fingerprint

Open Ports: None detected
TLS Certificates: None
HTTP Service: No response headers captured
DNS Resolution: No PTR records, no forward resolution confirmed

## Historical Observation Timeline

Eighteen signal observations were recorded. Key temporal patterns:

June 25, 2026: Confirmed residential classification
June 4, 2026: Mixed residential/non-residential signals detected
Geographic Validation: ICMP validation blocked; geo consensus indicates plausible Texas location
Threat Persistence: No persistent malicious activity detected over observation period

## Network Relationships

All fourteen relationship links traced to HERITAGE-BROADBAND network infrastructure. No external organizational, hostname, or certificate relationships were established.

## Recommended Actions

Firewall Policy: Monitor but no immediate blocking required

Risk level supports continued traffic inspection
Subnet-level abuse density remains minimal
Single threat sibling detected warrants contextual monitoring

SOC Handling: This IP represents standard residential broadband infrastructure. No immediate threat mitigation required. Focus monitoring efforts on the identified threat sibling within the same /24 subnet.

---

*Intelligence produced by IPDebrief Platform. Analysis based on observed signals and threat intelligence data.*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	TX
City	Jarrell
Timezone	—
Latitude	30.82
Longitude	-97.59

🏢 Ownership & Registration

Organization	HERITAGE BROADBAND, LLC
ASN	AS398538
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Residential
Service Purpose	Residential Endpoint
Network Tier	End-User — Residential ISP endpoint

Residential

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	20%	2	3
routing	8%	1	1
services	8%	1	1
ownership	24%	2	3
reputation	19%	1	3
geolocation	27%	2	3
Overall	18%	9	14

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-08 11:10:00 UTC
Last Seen	2026-06-25 05:09:56 UTC
Profile Built	2026-06-25 05:15:45 UTC
Data Freshness	Live
Signal Types	18
Total Observations	19

🔍 18 signal types · 19 observations collected

This report is generated from 18+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

170.39.89.186📋 Copy