173.255.214.44

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 173.255.214.44

Date: 2026-06-12

---

1. Profile Summary

Risk Score: Moderate (50/100)
Ownership: Hosted by Linode (ASN 63949), registered to LINODE.
Geolocation:

- Country: US (New York, NY).

- GeoPlausible: False (RTT anomalies suggest potential misclassification).

Network Role: Cloud-hosted server (Linode infrastructure).
Services:

- Open SSH port (22/tcp) with banner: `SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15`.

- No TLS certificates or HTTP services detected.

---

2. Threat Observations

No Malicious Indicators:

- No detected spam, attacker campaigns, or blacklist entries.

- Zero threat feeds or abuse confidence scores.

DNS Associations:

- Linked to `prod-barium-us-west-10.li.binaryedge.ninja` (likely legitimate).

- No DNSBL listings or domain-based threats.

---

3. Historical Activity

Recent Observations (Last 30 Days):

- DNS Resolution: Stable (1 observation).

- Network Classification: Consistently classified as "mostly_clean" (no abuse).

- SSH Scans: Detected open port 22/tcp (June 1, 2026).

- Geolocation Anomalies: RTT discrepancies (82ms vs. expected 176.9ms for 8844km distance).

---

4. Network Relationships

Subnet: 173.255.214.44/24.
Neighbors: No active IPs in the subnet (0 siblings).
Key Relationships:

- Same network as Linode (ASN 63949).

- DNS-linked to binaryedge.ninja (hostname `prod-barium-us-west-10.li.binaryedge.ninja`).

---

5. Risk Assessment

Abuse Density: 0 (no malicious activity in subnet).
Inherited Risk: Low (no correlated threats).
Stability: Unstable (geoPlausible flag and RTT anomalies).

---

6. Recommended Actions

1. Monitor SSH Activity: Track access to port 22/tcp for unauthorized access.

2. Verify Geolocation: Investigate RTT anomalies for potential spoofing or misclassification.

3. Check DNS Associations: Ensure `binaryedge.ninja` is a legitimate service.

4. Watch for Subnet Changes: No neighbors detected, but monitor for future subnet activity.

---

Conclusion: The IP is a legitimate Linode-hosted server with no current malicious indicators. However, geolocation inconsistencies and limited subnet activity warrant further monitoring.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	CA
City	Fremont
Timezone	—
Latitude	37.55
Longitude	-121.99

🏢 Ownership & Registration

Organization	Linode
ASN	AS63949
Network Name	LINODE
CIDR Block	173.255.192.0/18
RIR	ARIN
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	prod-barium-us-west-10.li.binaryedge.ninja
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`prod-barium-us-west-10.li.binaryedge.ninja`

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Not configured
FCrDNS	Verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Single-Service Host
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
22	ssh	tcp	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15
Closed Ports	25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	38%	2	5
routing	13%	1	1
services	19%	2	2
ownership	27%	2	3
reputation	22%	1	3
geolocation	27%	2	3
Overall	24%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Moderate (55%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-30 10:58:23 UTC
Last Seen	2026-06-29 07:34:59 UTC
Profile Built	2026-06-29 07:42:47 UTC
Data Freshness	Live
Signal Types	23
Total Observations	24

🔍 23 signal types · 24 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

173.255.214.44📋 Copy

**1. Profile Summary**

**2. Threat Observations**

**3. Historical Activity**

**4. Network Relationships**

**5. Risk Assessment**

**6. Recommended Actions**