172.56.177.232
IP Intelligence Briefing: 172.56.177.232
Date: 2026-06-07
**Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: T-Mobile USA, Inc. (ASN: AS21928)
- Geolocation: Riverside, California, US (latitude: 37.751, longitude: -97.822)
- Network Role: Mobile Carrier (LTE/5G)
- Threat Indicators: No detected malicious activity, spam, or known attacker associations.
**Observation History**
- Recent Activity (June 7, 2026):
- Confirmed as a T-Mobile IP with low-risk reputation.
- One threat pulse detected (confidence: 75%) but no actionable indicators.
- Historical Trends:
- No persistent threats or ownership changes.
- Subnet (172.56.176.0/23) shows minimal abuse density (0%).
**Relationships**
- Linked Entities:
- T-Mobile network segment "TMO9" (repeatedly referenced in relationships).
- No connections to hostnames, domains, or certificates.
- Network Classification: Clean, no inherited risk.
**Neighborhood Analysis**
- Subnet: 172.56.177.232/24
- Neighbor Count: 0 active IPs in subnet (isolated host or sparse utilization).
- Abuse Density: 0% (low risk for neighboring IPs).
**Recommendations**
1. Monitor for Anomalies: Track the IP for unexpected traffic patterns or new threat indicators.
2. Verify Context: Confirm if the "threat pulse" observed on June 7 is tied to legitimate mobile network operations.
3. Check Subnet Health: Ensure TMO9 subnet remains clean, as no neighboring IPs are active.
Conclusion: This IP is part of T-Mobile's mobile infrastructure with no current malicious activity. However, the isolated nature of the subnet and the recent low-confidence threat pulse warrant continued monitoring. No immediate action required, but maintain visibility for potential changes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | T-Mobile USA, Inc. |
| ASN | AS21928 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 17% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-15 08:43:25 UTC |
| Last Seen | 2026-06-07 12:11:03 UTC |
| Profile Built | 2026-06-07 12:23:04 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 23 |
Full dossier details are available via our API.