IP Intelligence Briefing: 173.234.225.70
Date: 2026-06-14
---
**1. Risk Assessment**
- Overall Risk Score: Moderate (50/100)
- Provider Risk: Neutral (Leaseweb USA, Inc. hosting provider)
- Threat Indicators: No direct malicious activity observed (no malware, C2, or exploit signatures).
- Network Stability: Unstable BGP routes detected (route changes in last 30 days).
---
**2. Geolocation & Ownership**
- Location: Dallas, Texas, US (geolocation inferred with 2500km accuracy).
- ASN: AS394380 (Leaseweb USA, Inc., ARIN registry).
- Network Role: Hosting server (firewalled, no public services detected).
---
**3. Observed Activity**
- Recent Signals (Last 30 Days):
  - 42 observations logged, including geolocation, network infrastructure, and threat intelligence.
- Pulse Count: 50 (indicates potential benign/noise, no confirmed malicious campaigns).
- DNSSEC Valid: Yes, but no DNS-based threats detected.
- Temporal Trends: No persistent malicious behavior; risk score stable.
---
**4. Relationships & Subnet Context**
- Linked Networks: Part of LU-79 subnet (Leaseweb infrastructure).
- Subnet Abuse Density: 0.8359 (high abuse risk in sibling IPs).
- Neighboring IPs (173.234.225.0/24):
  - 100 total IPs, 75% with moderate risk scores.
  - 214 threat-associated sibling IPs detected.
---
**5. Actionable Insights**
- Monitor Subnet: High abuse density in 173.234.224.0/22 suggests potential for lateral movement or shared infrastructure risks.
- Verify Hosting: Confirm Leaseweb's compliance with security standards for hosted servers.
- Firewall Rules: Block outbound traffic to this IP unless explicitly required (no open services detected).
- Investigate Pulsedive/OTX: Review 50+ pulse names for false positives or benign traffic patterns.
---
Conclusion: This IP is a low-risk hosting server, but its subnet exhibits high abuse density. SOC teams should prioritize monitoring the broader network segment for anomalous activity. No immediate mitigation required, but continuous observation is recommended.
Tools Used: `ipdebrief_profile`, `ipdebrief_history`, `ipdebrief_relationships`, `ipdebrief_neighbors`.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Leaseweb USA, Inc. |
| ASN | AS394380 |
| Network Name | - |
| CIDR Block | 173.234.225.0/24 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 48% | 2 | 9 |
| services | 15% | 2 | 2 |
| ownership | 35% | 3 | 5 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 31% | 12 | 26 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:05:01 UTC |
| Last Seen | 2026-06-27 10:01:36 UTC |
| Profile Built | 2026-06-28 04:07:31 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 52 |