216.151.137.111
# IP INTELLIGENCE BRIEFING
Target: 216.151.137.111/32
Date: 2026-06-24
Classification: Defensive Security Assessment
---
## EXECUTIVE SUMMARY
IP 216.151.137.111 is a legitimate infrastructure address owned by Cisco Webex LLC (ASN 13445). The IP presents as Low Risk with no active threat indicators. The address is currently firewalled with no accessible services. Network context indicates this is part of a Cisco-managed /20 block (216.151.128.0/20) with moderate neighborhood activity levels.
---
## OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| **Organization** | Cisco Webex LLC |
| **ASN** | 13445 |
| **CIDR Block** | 216.151.128.0/20 |
| **Geolocation** | New York, NY, US |
| **RIR** | ARIN |
| **Registration** | 2017-10-03 |
| **Network Type** | Corporate/Enterprise |
---
## THREAT ASSESSMENT
Risk Score: 0.0 (Low Risk)
Abuse Confidence: Not applicable
Blacklist Status: 0 listings
Tor Exit Node: No
Known Attacker: No
Spam Source: No
Active Campaigns: None detected
The IP shows no evidence of malicious activity. Threat feeds and reputation sources contain no adversarial indicators.
---
## NETWORK SERVICES
| Service Category | Status |
|---|---|
| **Open Ports** | None detected |
| **HTTP/HTTPS** | No web services |
| **DNS** | No hosted domains |
| **TLS Certificates** | None |
| **Email Auth** | No SPF/DMARC records |
| **Service Purpose** | Firewalled / No Services |
---
## NEIGHBORHOOD ANALYSIS (216.151.137.0/24)
| Metric | Value |
|---|---|
| **Subnet Classification** | Mixed |
| **Abuse Density** | 0.2812 (28.12%) |
| **Total Siblings** | 256 |
| **Active Siblings** | 116 |
| **Threat Siblings** | 72 |
| **Risk Distribution** | 0 High / 66 Medium / 34 Low |
The /24 subnet demonstrates typical enterprise infrastructure characteristics with moderate abuse density. Seveny-two threat sibling IPs detected across the neighborhood, but none correlated with the target IP.
---
## OBSERVATION HISTORY
Total Observations: 42 signals
Threat Persistence Days: 0
Ownership Changes: 0
Recent signal activity includes:
- 2026-06-24 15:40: ASN routing confirmation (13445)
- 2026-06-24 15:40: Neighborhood classification (mixed)
- 2026-06-24 12:38: Risk operator score (Minimal)
- 2026-06-24 12:38: Comprehensive profile data collection
The IP has demonstrated consistent behavior with no threat escalation patterns. Ownership has remained stable since 2017.
---
## RELATIONSHIP GRAPH
Total Relationships: 131
Primary Association: Same Network (CS-1711) β 126+ relationships
All relationships map to the same network prefix. No cross-organizational or multi-ASN connections detected.
---
## ROUTING & CONTROL PLANE
| Attribute | Status |
|---|---|
| **BGP Prefix** | 216.151.128.0/20 |
| **Route Stable** | False |
| **Route Changes (30d)** | 0 |
| **DNSSEC Valid** | Yes |
| **RPKI State** | Not verified |
| **IRR Consistency** | Not verified |
| **DNSBL Listed** | 0 of 8 lists |
| **Operator Score** | 0.1304 (Minimal) |
---
## RECOMMENDATIONS
SOC Actions
1. No immediate blocking required β IP presents legitimate enterprise characteristics
2. Monitor for service activation β Currently firewalled; alert on port scan activity
3. Correlate with Cisco Webex threat intelligence β Cross-reference any Webex-related campaigns
4. Whitelist consideration β If this IP appears in threat logs, investigate false positive indicators
Firewall Rules (Reference)
```bash
# No action required β IP is not flagged as malicious
# Standard enterprise filtering applies
```
---
## CONCLUSION
IP 216.151.137.111 is a legitimate Cisco Webex infrastructure address with no active threat indicators. The IP is part of a larger /20 block with moderate neighborhood risk levels. No defensive action is required at this time. SOC analysts should maintain standard monitoring protocols and correlate with any Webex-specific threat intelligence campaigns.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cisco Webex LLC |
| ASN | AS13445 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 20% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 30% | 1 | 3 |
| geolocation | 24% | 2 | 3 |
| Overall | 23% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:05:08 UTC |
| Last Seen | 2026-06-26 18:12:06 UTC |
| Profile Built | 2026-06-27 01:32:41 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 47 |
Full dossier details are available via our API.