IP Intelligence Briefing: 173.239.211.135
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
- ASN: 206092
- Organization: LogicWeb Inc. (LOGICWEB)
- Country: US
- Geolocation:
- City: New York, NY (US)
- Accuracy Radius: 2500 km
- Threat Indicators:
- No known malicious activity, spam, or attacker associations.
- Not listed in DNSBLs or threat feeds.
- Network Role:
- Firewalled / No Services
- Subnet: 173.239.211.0/24 (owned by LogicWeb Inc.)
---
**2. Observational History**
- Recent Activity (Last 30 Days):
- 15 observations, primarily DNS and network metadata.
- No spikes in threat signals or anomalous behavior.
- Stable geolocation and network routing.
- Key Signals:
- DNS resolution to `correoe.inbursa.com` (valid SPF/DMArc).
- BGP prefix `173.239.211.0/24` (operator score: 0.13).
---
**3. Relationships & Associations**
- Network Links:
- Same network as LOGICWEB (ASN 206092).
- DNS association with correoe.inbursa.com (hosted domain: inbursa.com).
- Certificates & Services:
- No TLS certificates or open ports detected.
- Server banner and HTTP title not available.
---
**4. Subnet Neighborhood**
- Subnet: 173.239.211.0/24
- Neighbor Risk Distribution:
- Low Risk: 8 IPs (0β25 score).
- Medium Risk: 4 IPs (25β50 score).
- High Risk: 0 IPs.
- Abuse Density: 0% (no malicious activity in subnet).
---
**5. Security Recommendations**
- Firewall Actions:
- Block IP via:
- iptables: `iptables -A INPUT -s 173.239.211.135 -j DROP`
- Cloudflare WAF: Block IP with risk score 50.
- AWS WAF: Add `173.239.211.135/32` to rule set.
- Monitoring:
- Watch neighbors with medium risk (e.g., 173.239.211.136, 173.239.211.140).
- Validate DNS associations (e.g., `correoe.inbursa.com`) for potential spoofing.
---
**6. Summary**
The IP 173.239.211.135 is associated with a legitimate organization (LogicWeb Inc.) and shows no direct malicious activity. However, its moderate risk score and medium-risk neighbors warrant cautious monitoring. Consider blocking the IP to mitigate potential lateral movement or subnet-based threats. Verify DNS and network relationships for deeper context.
Threat Level: Moderate | Action Required: Yes (block and monitor).
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | LogicWeb Inc. |
| ASN | AS206092 |
| Network Name | LOGICWEB |
| CIDR Block | 173.239.192.0/18 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | correoe.inbursa.com |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | correoe.inbursa.com |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-24 06:32:50 UTC |
| Last Seen | 2026-06-10 13:40:48 UTC |
| Profile Built | 2026-06-10 13:50:36 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |
Full dossier details are available via our API.