IP Intelligence Briefing: 173.234.225.35
Date: 2026-06-14
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: Choopa/GameServers (Leaseweb USA, Inc., ASN 394380)
- Geolocation: Dallas, TX, US (ARIN-regulated)
- Network Role: Hosting (Firewalled / No Services)
- Threat Indicators: No direct malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Observation History**
- Latest Observation (2026-06-14):
  - Confirmed as a hosting provider with no CDN, Tor, VPN, or residential signs.
  - Reputation score of 0 (no threat sources flagged).
- Historical Trends:
  - No persistent malicious activity; threat observation count is 0.
  - Stability score indicates inconsistent routing (route stability: false).
---
**3. Relationships & Subnet**
- Network Affiliation:
  - Part of subnet 173.234.225.35/24 (256 total IPs, 179 active).
  - Abuse Density: 0.8359 (high abuse risk in subnet).
  - Neighbor Risk: 100% of neighbors have a medium risk score (50).
- Shared Network:
  - Linked to network LU-79 (likely Leaseweb infrastructure).
---
**4. Security Recommendations**
- Firewall Rules (Sample):
  - iptables: `iptables -A INPUT -s 173.234.225.35 -j DROP`
  - Cloudflare WAF: Block IP with rule `ip.src eq 173.234.225.35`
  - AWS WAF: Add `173.234.225.35/32` to a new rule.
- SOC Actions:
  - Monitor subnet for changes in abuse density or new threat indicators.
  - Validate geolocation and network ownership via RDAP for confirmation.
---
**5. Summary**
The IP is associated with a hosting provider (Leaseweb) and shows no direct malicious activity. However, its subnet (173.234.224.0/22) has a high abuse density, suggesting potential risks in the broader network. While the IP itself is not flagged as malicious, its environment warrants closer scrutiny. Implementing blocking rules and monitoring subnet activity are recommended.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Leaseweb USA, Inc. |
| ASN | AS394380 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 45% | 2 | 3 |
| routing | 43% | 1 | 7 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 22% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 28% | 9 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:05:01 UTC |
| Last Seen | 2026-06-27 09:55:44 UTC |
| Profile Built | 2026-06-28 04:01:45 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 46 |