IPDebrief

173.255.226.138

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# THREAT INTELLIGENCE BRIEFING

Target IP: 173.255.226.138/32

Classification: Cloud Infrastructure / Low Risk

Date: Current Intelligence Cycle

Prepared For: SOC Operations

---

## EXECUTIVE SUMMARY

IP address 173.255.226.138 is a low-risk cloud infrastructure endpoint hosted on Linode (ASN 63949) in the United States. The IP resolves to a single hostname (mail.flirtmotion.xyz) and shows no active threat indicators, open services, or malicious behavior patterns. Network abuse density is minimal, and the address demonstrates stable routing and ownership characteristics.

---

## INFRASTRUCTURE PROFILE

AttributeValue
**Provider**Linode
**ASN**63949
**Country**US (NJ)
**Infrastructure Type**CloudCompute
**Risk Score**25 / 100 (Low Risk)
**Classification**Cloud Hosting / Firewalled

Geolocation: The IP is located in Cedar Knolls, New Jersey. Geographic data shows high consensus across multiple sources with plausible validation.

---

## NETWORK CHARACTERISTICS

Routing Stability: The BGP route (173.255.224.0/20) is stable with no changes in the last 30 days. The origin ASN 63949 routes through AS22652. RPKI validation state is unavailable.

Control Plane: DNSSEC is valid. Route stability is confirmed with no route changes observed. The IP is not classified as MOAS (Multiple Origin Autonomous System).

---

## THREAT ASSESSMENT

Current Threat Status: No active threats detected.

IndicatorStatus
Is Tor Exit NodeNo
Is Known AttackerNo
Is Spam SourceNo
Blacklist Count0
Open Ports/ServicesNone
TLS CertificatesNone
DNSBL Listings1 of 8 lists

Abuse Confidence: No confidence score available. No known attack campaigns correlated.

---

## DNS & EMAIL REPUTATION

Resolved Hostname: mail.flirtmotion.xyz

DNS AttributeStatus
Forward ResolutionConfirmed
PTR Recordmail.flirtmotion.xyz
SPF RecordNot configured
DMARC RecordNot configured
TXT Records0

Email Reputation: No sender score available. No email reputation data populated.

---

## OBSERVATION HISTORY

Total historical observations: 26

Recent Activity (2026-06-15):

Temporal Indicators:

The IP demonstrates consistent infrastructure characteristics with no degradation or escalation in risk profile over the observation period.

---

## NEIGHBORHOOD ANALYSIS

Subnet: 173.255.226.138/24

MetricValue
Abuse Density0 (Low)
ClassificationMostly Clean
High Risk Neighbors0
Medium Risk Neighbors0
Low Risk Neighbors0

No neighboring IPs flagged for abuse. The /24 subnet shows minimal inherited risk.

---

## RELATIONSHIP MAPPING

Primary Associations:

---

## RECOMMENDED ACTIONS

Based on the low-risk profile, the following actions are recommended:

1. Monitoring: Continue standard log monitoring. No immediate blocking required.

2. Allow Rules: No firewall rules required for outbound connections.

3. Email Policy: If mail.flirtmotion.xyz is used for email, configure SPF and DMARC records.

4. Threat Intelligence: No enrichment or threat feed subscription necessary at this time.

---

## INTELLIGENCE CONCLUSION

IP 173.255.226.138 is a benign cloud infrastructure endpoint with no evidence of malicious activity. The IP demonstrates stable routing, legitimate hosting provider infrastructure, and no correlation with known threat campaigns. Current risk assessment is LOW. No immediate defensive actions required beyond standard monitoring practices.

---

END OF BRIEFING

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionNJ
CityCedar Knolls
Timezoneβ€”
Latitude40.82
Longitude-74.46

🏒 Ownership & Registration

OrganizationLinode
ASNAS63949
Network Nameβ€”
CIDR Block173.255.224.0/20
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRmail.flirtmotion.xyz
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesmail.flirtmotion.xyz

πŸ” DNS Hygiene

Hygiene Score40% (Fair)
SPFNot configured
DMARCNot configured
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierTier 3 β€” Basic operator with some routing infrastructure
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
33%
24
routing
27%
23
services
25%
24
ownership
35%
36
reputation
28%
13
geolocation
33%
23
Overall30%1223
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-17 03:07:49 UTC
Last Seen2026-06-28 04:20:27 UTC
Profile Built2026-06-28 22:24:53 UTC
Data FreshnessLive
Signal Types26
Total Observations34
πŸ” 26 signal types Β· 34 observations collected
This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.