216.151.130.14

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 216.151.130.14/32

Classification: Moderate Risk / High-Abuse Subnet Context

Date: 2026-06-24

Analysis Period: Current observations (47 historical signals)

## Executive Summary

IP address 216.151.130.14 is assigned to Cisco Webex LLC (ASN 13445) with a moderate risk score of 40. The IP operates within subnet 216.151.130.0/24, classified as high_abuse with 256 total sibling IPs and 158 active. While the target IP shows no direct threat indicators, its subnet-level abuse density warrants contextual monitoring.

## Ownership & Geolocation

Organization: Cisco Webex LLC
ASN: 13445
Country: United States (US)
Region: California (CA)
City: San Jose
Geolocation Confidence: 35% (accuracy radius: 2,500 km)
Registration: ARIN

## Risk Assessment

Overall Risk Score: 40/100 (Moderate)
Operator Score: 0.1304 (Minimal)
Abuse Confidence Score: Not populated
Blacklist Count: 0 (current)
DNSBL Listed: 1 of 8 total lists

## Network & Service Analysis

Service Purpose: Firewalled / No Services
Open Ports: None detected
TLS Certificate: None
HTTP Title: None
CDN/Cloud/Proxy/VPN: No classification detected

## Threat Indicators

Known Attacker: False
Tor Exit Node: False
Spam Source: False
Known Campaigns: None detected
Cert Matches: 0
Banner Matches: 0
Correlated IPs: 0

## Subnet Context (216.151.130.0/24)

Abuse Density: 1.0 (high_abuse classification)
Total Siblings: 256
Active Siblings: 158
Sample Neighbor Risk Distribution: 100 medium-risk IPs observed (40/50 risk/authority scores)
Threat Siblings: 256 identified

## Historical Observations (47 Total Signals)

Recent observations indicate consistent minimal-risk operator scoring across multiple timeframes:

2026-06-24 18:05:35 UTC — Minimal operator score (0/8)
2026-06-24 12:03:43 UTC — Minimal operator score (0/8)
2026-06-24 06:01:47 UTC — Minimal operator score (0/8)
Geographic signals observed with US classification (confidence 0.35)

## Control Plane & Routing

BGP Prefix: 216.151.128.0/20
Origin ASN: 13445
Route Stability: False (0 route changes in 30 days)
RPKI State: Not evaluated
IRR Consistency: Not evaluated
DNSSEC: Valid

## Recommended Actions for SOC Analysts

1. Contextual Monitoring: Monitor subnet 216.151.130.0/24 for elevated activity given high_abuse classification despite target IP's clean profile.

2. Baseline Establishment: Establish traffic baselines for Cisco Webex traffic from this subnet; deviations may indicate misconfigured services or policy violations.

3. DNSBL Verification: Investigate the 1 DNSBL listing associated with this IP.

4. Neighbor Correlation: Cross-reference activity with 158 active sibling IPs in the /24 block for coordinated behavior patterns.

## Risk Determination

Current Threat Level: LOW-MODERATE

Primary Concern: Subnet-level abuse context rather than direct threat indicators from target IP.

Recommended Action: Monitor but no immediate blocking required unless activity patterns deviate from established Cisco Webex baselines.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	CA
City	San Jose
Timezone	—
Latitude	37.75
Longitude	-97.82

🏢 Ownership & Registration

Organization	Cisco Webex LLC
ASN	AS13445
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	31%	2	4
routing	20%	1	1
services	15%	2	2
ownership	20%	2	3
reputation	30%	1	3
geolocation	28%	2	3
Overall	24%	10	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:05:13 UTC
Last Seen	2026-06-26 18:12:09 UTC
Profile Built	2026-06-27 07:36:47 UTC
Data Freshness	Live
Signal Types	21
Total Observations	48

🔍 21 signal types · 48 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

216.151.130.14📋 Copy