IP Intelligence Briefing: 173.234.225.190
*Generated via IPDebrief tools*
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Leaseweb USA, Inc. (ASN 394380)
- Geolocation: Dallas, TX, US (ARIN-registered, 2500km accuracy radius)
- Network Role: Colocation Hosting (Firewalled / No Services)
- Threat Indicators: No malicious activity detected (no abuse reports, spam, or known campaigns).
---
**2. Observation History**
- Recent Activity:
  - Last observed on 2026-06-14 (confidence: 0.35).
  - Stability score: 0.26 (Basic operator label).
  - Geo validation inconclusive due to ICMP blocking.
- Trend: No persistent malicious behavior; threat observation count: 1.
---
**3. Relationships**
- Linked Entities:
  - Subnet: `LU-79` (repeatedly referenced in relationships).
  - No direct links to domains, certificates, or organizations.
- Network Context: Part of a hosting provider's infrastructure, no peer-to-peer or CDN relationships.
---
**4. Neighborhood Analysis**
- Subnet: `173.234.225.0/24`
- Abuse Density: 0.8359 (High abuse classification).
- Neighbor Risk:
  - 100 total IPs in subnet.
  - 214 threat-sibling IPs (21.4% of subnet).
  - 179 active IPs (83.59% abuse density).
---
**5. Recommendations**
- Monitor Subnet: The subnet has high abuse density; investigate neighboring IPs for potential compromised hosts.
- Verify Hosting Provider: Leaseweb USA, Inc. is a legitimate provider, but ensure their security practices align with your network policies.
- Geolocation Validation: ICMP blocking may indicate network restrictions; validate IP legitimacy via alternative methods (e.g., DNS probes).
---
Conclusion:
The IP is part of a hosting provider's network with no direct malicious activity. However, its subnet exhibits high abuse density, warranting closer scrutiny. SOC teams should monitor for anomalies in the subnet and verify the hosting provider's security posture.
*Data sourced from IPDebrief tools as of 2026-06-14.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Leaseweb USA, Inc. |
| ASN | AS394380 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 32% | 1 | 4 |
| services | 17% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 26% | 10 | 20 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:05:02 UTC |
| Last Seen | 2026-06-27 10:21:49 UTC |
| Profile Built | 2026-06-28 04:27:09 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 54 |