198.98.50.199📋 Copy

# IP Intelligence Briefing: 198.98.50.199

Classification: Moderate Risk / Tor Exit Node

Risk Score: 59/100

Date: 2026-06-20

---

## Executive Summary

IP 198.98.50.199 presents as a Tor exit node with moderate risk characteristics. The IP is registered to FranTech Solutions (ASN 53667) in Staten Island, NY. Key threat indicators include Tor exit node classification, a single blacklist listing, and one threat sibling in the local /24 subnet. The IP demonstrates persistent network-level routing with stable BGP prefix propagation.

---

## IP Profile & Ownership

• IP Address: 198.98.50.199/32
• Risk Score: 59/100 (Moderate Risk)
• Provider Score: 0
• Authority Score: 0
• Stability Score: 0
• Organization: FranTech Solutions
• ASN: 53667
• Registration RIR: ARIN
• Abuse Contact: Available via RDAP

---

## Geolocation Analysis

• Country: United States (US)
• Region: New York (NY)
• City: Staten Island
• Geographic Confidence: Plausible (GeoSource Count: 1, Consensus: True)
• Accuracy Radius: 2500 km

---

## Threat Indicators

Threat Feed Observations: Tor exit indicators observed. The IP resolves to `tor-exit.cyberjake.xyz` via forward DNS resolution.

---

## Network Classification

• Role: Tor Exit Nodes
• Infrastructure Type: Not Classified
• Cloud Provider: No
• CDN: No
• VPN: No
• Proxy: No
• Hosting: No
• Mobile: No
• Residential: No
• Bogon: No
• Anycast: No

Service Status: Firewalled / No Services Detected

---

## DNS Analysis

• PTR Hostname: tor-exit.cyberjake.xyz
• Forward Resolution: tor-exit.cyberjake.xyz (Count: 1)
• Forward Confirmed: No
• Hosted Domain Count: 0
• Email Authentication: SPF: Yes, DMARC: Yes
• TXT Record Count: 0

---

## Control Plane & Routing

• Origin ASN: 53667
• BGP Prefix: 198.98.48.0/20
• AS Path: 6939 → 53667
• RPKI State: Not Available
• IRR Consistency: Not Available
• Route Changes (30d): 0
• Route Stability: Stable
• DNSSEC Valid: Yes
• DNSBL Listed: 1/8 total lists

Delegation Age: 5,667 days (~15.5 years)

---

## Observation History

Total Signals Observed: 57

Recent Activity (2026-06-20):

• 06:49:17 UTC – Basic classification signal (Operator Score: 0.2609)
• 12:50:41 UTC – Basic classification signal (Operator Score: 0.2609)

The IP maintains consistent classification signals across multiple observation windows with stable routing characteristics. No significant threat escalation detected in historical data.

---

## Neighborhood Analysis (/24 Subnet)

• Subnet: 198.98.50.0/24
• Abuse Density: 0.5
• Classification: Mostly Clean
• Total Siblings: 2
• Active Siblings: 2
• Threat Siblings: 1
• Inherited Risk: 2

Neighbor Risk Distribution:

Notable Neighbor: 198.98.50.7 (Risk Score: 40, Authority Score: 60)

---

## Related Entities

Network Relationships: 332 total relationships identified

• Primary association: PONYNET-06 (Multiple entries)
• No direct hostname, organization, or certificate relationships beyond network-level associations

---

## Recommended Security Actions

Access Control

Firewall Rules

iptables:

```bash

iptables -A INPUT -s 198.98.50.199 -j DROP

```

nftables:

```bash

nft add rule inet filter input ip saddr 198.98.50.199 drop

```

nginx:

```nginx

deny 198.98.50.199;

```

pfSense:

```

198.98.50.199/32

```

Cloudflare WAF:

```json

{"description":"Block 198.98.50.199 — IPDebrief risk score 59","action":"block","filter":{"expression":"ip.src eq 198.98.50.199"}}

```

AWS WAF:

```json

{"Addresses":["198.98.50.199/32"],"Description":"IPDebrief risk 59"}

```

---

## Assessment Summary

IP 198.98.50.199 operates as a Tor exit node with moderate risk profile. The single blacklist listing, Tor exit classification, and one threat sibling in the local subnet warrant defensive measures. Recommended actions include enhanced logging for traffic analysis and consideration of blocking at perimeter controls. The IP demonstrates stable routing and no recent escalation in threat activity.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.