193.122.253.109

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP INTELLIGENCE BRIEFING: 193.122.253.109

Classification: Oracle Cloud Infrastructure — Low Risk

Report Date: 2026-06-29

Analyst: IPDebrief Intelligence

---

EXECUTIVE SUMMARY

IP address 193.122.253.109 is a cloud compute endpoint belonging to Oracle Public Cloud (ASN 31898, Netname: OC-195). The IP maintains a Low Risk reputation with a risk score of 25. While the IP hosts one domain (lgwble.eu.org), threat indicators remain minimal. The subnet 193.122.253.0/24 demonstrates clean classification with zero abuse density and no threat siblings.

OWNERSHIP AND GEOLOCATION

Organization: Oracle Public Cloud
ASN: 31898
Country: United States (US)
Region: Virginia (VA)
City: Ashburn
CIDR Block: 193.122.0.0/16
Registration: RIR (RIPE)

NETWORK ROLE

Infrastructure Type: Cloud Compute
Connection Type: Cloud Hosting
Classifications: Cloud provider, hosting infrastructure
Not Classified: CDN, VPN, proxy, Tor exit node, mobile carrier

THREAT ASSESSMENT

Reputation Score: Low Risk (25/100)
Abuse Confidence Score: Not available
Threat Indicators: None detected
Blacklist Count: 0
Campaign Likelihood: None
Known Attacker: False
Spam Source: False

SERVICES AND DNS

Open Ports: TCP/443 (HTTPS)
Hosted Domain: lgwble.eu.org
TLS Certificate: Not available
Email Auth: SPF and DMARC records not configured
Forward Resolution: No forward confirmed resolution

CONTROL PLANE OBSERVATIONS

Route Stability: Not stable
BGP Prefix: 193.122.128.0/17
Route Changes (30d): 0
DNSBL Listed: 1 of 8 total lists
Operator Score: 0.1304 (Minimal)
RPKI State: Not available
Route Changes: None observed

GEOLOCATION VALIDATION

RTT Check: Violation detected — 50ms observed RTT vs. minimum 126.4ms required for 6,318km distance
Probe Count: 2
Source: Multiple geolocation sources (consensus: true)

HISTORICAL OBSERVATIONS

The IP accumulated 23 historical observations. Recent activity includes:

2026-06-29: Threat signals detected (4 pulses) via AlienVault OTX
2026-06-21: Subnet classification as "clean" with zero abuse density
2026-06-21: Oracle Cloud infrastructure confirmed via BGP
2026-06-21: Connection failures observed on HTTPS probe
Geographic Inference: Cymru country data placed in US region

SUBNET NEIGHBORHOOD ANALYSIS

Subnet: 193.122.253.0/24
Total Siblings: 1
Active Siblings: 1
Threat Siblings: 0
Abuse Density: 0 (clean)
Inherited Risk: 0
Risk Distribution: High (0), Medium (0), Low (0)

RECOMMENDED ACTIONS

Based on the risk profile and control plane data, the following actions are recommended:

1. Monitoring: Continue monitoring due to historical threat signals and unstable routing

2. Allow Rules: Permitted for legitimate Oracle Cloud traffic; no blocking required

3. Geo-Filtering: Consider geo-IP filtering if legitimate traffic does not originate from US/Virginia region

4. DNSBL Monitoring: Monitor for DNSBL listing changes (currently listed on 1 of 8 lists)

5. RTT Anomaly: Investigate RTT validation discrepancy if high-precision geolocation is required

INTELLIGENCE CONCLUSION

IP 193.122.253.109 represents a legitimate Oracle Cloud Infrastructure endpoint with minimal risk characteristics. The IP shows historical threat signals but maintains current clean classification. No immediate blocking is warranted. Standard cloud security practices and ongoing monitoring are recommended.

---

*Report generated using IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	VA
City	Ashburn
Timezone	—
Latitude	39.02
Longitude	-77.54

🏢 Ownership & Registration

Organization	Oracle Public Cloud
ASN	AS31898
Network Name	OC-195
CIDR Block	193.122.0.0/16
RIR	RIPE
Country	United States
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Hosted Domain	lgwble.eu.org

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
Closed Ports	22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	3
routing	13%	1	1
services	27%	2	3
ownership	27%	2	3
reputation	13%	1	2
geolocation	27%	2	3
Overall	22%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-06-01 23:54:07 UTC
Last Seen	2026-06-29 10:14:14 UTC
Profile Built	2026-06-29 10:22:10 UTC
Data Freshness	Live
Signal Types	22
Total Observations	22

🔍 22 signal types · 22 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

193.122.253.109📋 Copy