IPDebrief

209.141.58.150

IP Intelligence Dossier
Your IP: 216.73.217.135
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Threat Intelligence Briefing: 209.141.58.150

Classification: Moderate Risk (Score: 55/100)

Date: 2026-06-14

Prepared For: SOC Operations Team

---

## Executive Summary

IP 209.141.58.150 is a colocation hosting address under FranTech Solutions (ASN 53667) with moderate risk characteristics. The IP is firewalled with no active services, but exhibits DNSBL listings and moderate abuse density within its /24 subnet. Recommended action is monitoring and selective blocking based on organizational risk tolerance.

---

## Infrastructure Profile

AttributeValue
**IP Address**209.141.58.150/32
**Organization**FranTech Solutions
**ASN**53667
**RIR**ARIN
**Location**Las Vegas, NV, US
**Infrastructure Type**Colocation Hosting (BuyVM)
**Risk Score**55/100
**Abuse Confidence**Moderate

---

## Technical Indicators

DNS & Hostname Resolution

Network Control Plane

Service Exposure

---

## Threat Indicators

Behavioral Observations

---

## Neighborhood Analysis

MetricValue
**Subnet**209.141.58.0/24
**Abuse Density**0.5 (50%)
**Subnet Classification**mostly_clean
**Total Siblings**2
**Active Siblings**1
**Threat Siblings**1

Neighbor IP: 209.141.58.254 (Risk Score: 59)

---

## Relationship Graph

---

## Recommended Security Actions

Immediate Actions (High Severity)

1. Increase logging verbosity for all traffic from 209.141.58.150

2. Review recent activity and correlate with internal logs

Firewall Implementation

iptables:

```bash

iptables -A INPUT -s 209.141.58.150 -j DROP

```

nftables:

```bash

nft add rule inet filter input ip saddr 209.141.58.150 drop

```

nginx:

```nginx

deny 209.141.58.150;

```

Cloudflare WAF:

```json

{

"description": "Block 209.141.58.150 β€” IPDebrief risk score 55",

"action": "block",

"filter": {"expression": "ip.src eq 209.141.58.150"}

}

```

AWS WAF:

```json

{

"Addresses": ["209.141.58.150/32"],

"Description": "IPDebrief risk 55"

}

```

---

## Threat Intelligence Narrative

IP 209.141.58.150 represents a moderate-risk infrastructure address associated with FranTech Solutions' BuyVM colocation hosting environment. The IP is geolocated to Las Vegas, Nevada, and resolves to the hostname reaching.reconquistex.com. Despite no active service exposure, the address maintains three DNSBL listings and shows elevated operator scores (0.1304) indicating minimal operator trust.

The subnet abuse density of 50% suggests moderate risk propagation within the /24 block, with one additional sibling IP (209.141.58.254) carrying a higher risk score of 59. Network relationships indicate strong association with PONYNET-04, suggesting potential network-level routing or infrastructure consolidation.

Recent observation history reveals 21 signal events, including geolocation triangulation and threat pulse correlations. The presence of `has_threats: true` in one signal warrants defensive monitoring. The route stability flag being false indicates potential BGP routing fluctuations that could affect traffic patterns.

Assessment: This IP does not represent an immediate threat but should be monitored due to moderate risk score, DNSBL presence, and neighborhood abuse density. Blocking is recommended for high-security environments; logging and monitoring is acceptable for general operations.

---

Data Sources: IPDebrief Intelligence Platform

Confidence Level: Moderate (0.19-0.75 historical confidence range)

Last Updated: 2026-06-14

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionNV
CityLas Vegas
Timezoneβ€”
Latitude36.10
Longitude-115.14

🏒 Ownership & Registration

OrganizationFranTech Solutions
ASNAS53667
Network Nameβ€”
CIDR Blockβ€”
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRreaching.reconquistex.com
Forward ConfirmedNo β€” PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnamesreaching.reconquistex.com

πŸ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting β€” Infrastructure provider without advanced routing
Hosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
35%
23
routing
8%
11
services
15%
22
ownership
20%
23
reputation
21%
12
geolocation
27%
23
Overall21%1014
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-11 08:58:29 UTC
Last Seen2026-06-27 19:12:43 UTC
Profile Built2026-06-28 13:19:53 UTC
Data FreshnessLive
Signal Types22
Total Observations27
πŸ” 22 signal types Β· 27 observations collected
This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.