## IP Intelligence Briefing: 216.151.130.85/32
Classification: Moderate Risk (Score: 40) | Organization: Cisco Webex LLC (ASN: 13445)
Location: San Jose, CA, US | Status: Firewalled / No Services Detected
---
Executive Summary
IP address 216.151.130.85 is assigned to Cisco Webex LLC, a legitimate enterprise communications provider. The IP exhibits a moderate risk score (40) despite being associated with a reputable infrastructure provider. No active threat indicators, malicious campaigns, or known attacker indicators were detected. The address is currently firewalled with no open services.
---
Ownership & Infrastructure
- Organization: Cisco Webex LLC
- ASN: 13445 (WEBEX - Cisco Webex LLC)
- CIDR Block: 216.151.128.0/20
- Geolocation: San Jose, California, United States
- Registration: ARIN (Allocated: 2017-10-03)
- Control Plane: BGP prefix 216.151.128.0/20; Route stability flagged as false
Network Services & DNS
- Open Ports: None detected
- DNS Resolution: Inactive (forward resolution failed)
- Email Auth: No SPF or DMARC records
- Service Purpose: Firewalled / No Services
- HTTP/HTTPS: No TLS certificate or server banner detected
Threat Indicators
- Blacklist Count: 0
- Known Campaigns: None detected
- Tor Exit Node: False
- Known Attacker: False
- Spam Source: False
- Abuse Confidence: Not applicable
- Threat Feeds: None active
- DNSBL Listed: 1 of 8 lists checked
---
Risk Analysis
The moderate risk score (40) is anomalous for a legitimate enterprise communications provider. Contributing factors:
1. Route Instability: BGP route flagged as not stable (isRouteStable: false)
2. DNSBL Listing: Listed on 1 of 8 DNS blacklists
3. Operator Score: 0.1304 (Minimal operator influence)
4. Neighborhood Context: Subnet 216.151.130.0/24 shows mixed risk profile:
- 100 neighbor IPs scanned
- Risk distribution: 51 Medium, 49 Low, 0 High
- Abuse density: 0
- Neighbor risk scores consistently 25 with authority score 50
---
Observations & History
- Total Observations: 45 signals recorded
- Ownership Consistency: No ownership changes detected
- Recent Activity: Multiple observations confirm ASN 13445 allocation
- Operator Score Trend: Consistently "Minimal" across recent observations
- Threat Persistence: 0 days (not persistently malicious)
- Campaign Likelihood: None
---
Relationships
- Total Relationships: 147
- Network Affiliations: Multiple "Same Network" relationships to CS-1711 network identifiers
- No Certificate or Hostname Associations detected in relationship graph
---
Recommended Actions
SOC Analyst Guidance:
- Monitor for route stability changes
- Verify if DNSBL listing is legitimate (potential false positive for enterprise IP)
- No immediate blocking required; IP is associated with legitimate provider
- If this IP appears in threat logs, verify context (likely legitimate traffic or compromised endpoint using provider infrastructure)
- Consider allowlisting for Cisco Webex traffic if previously blocked
Priority: LOW (Legitimate enterprise provider with anomalous risk score)
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cisco Webex LLC |
| ASN | AS13445 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 20% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:05:13 UTC |
| Last Seen | 2026-06-26 18:12:10 UTC |
| Profile Built | 2026-06-27 07:22:26 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 46 |
Full dossier details are available via our API.