216.151.138.118
IP INTELLIGENCE BRIEFING: 216.151.138.118/32
Classification: Moderate Risk (Score: 40/100)
Ownership & Infrastructure:
The IP address belongs to Cisco Webex LLC (ASN: 13445), operating within the ARIN registry under CIDR block 216.151.128.0/20. The address is geolocated to San Jose, California, United States. Network classification indicates the host is firewalled with no active services detected (no open ports, no TLS certificates, no hosted domains).
Network Context & Neighborhood Analysis:
The /24 subnet (216.151.138.0/24) is classified as high_abuse with an abuse density of 1.0. The subnet contains 256 total sibling IPs with 155 currently active. Risk distribution across neighbors shows 73 medium-risk and 27 low-risk addresses. Notable neighbor risk scores range from 25-49, indicating elevated activity in this address space. The target IP shares the same network identifier (CS-1711) with 166+ related network entities.
Threat Indicators:
- DNSBL Listed Count: 1 out of 8 evaluated lists
- No known attacker indicators, Tor exit node, or spam source classification
- Zero open ports detected; service banner analysis unavailable
- No active threat campaigns or certificate matches identified
Behavioral Profile:
The IP demonstrates stable ownership with zero ownership changes observed. Recent observation history (50 signals) from June 24, 2026, shows consistent "Minimal" operator scores (0.2174) and geolocation signals confirming US location. The IP is not flagged as persistently malicious with zero threat persistence days recorded.
Recommendations:
- Monitor subnet-level activity for coordinated malicious behavior patterns
- Review firewall rules for potential port scanning activity in the /24
- No immediate block required based on current risk profile; maintain defensive posture
- Consider enhanced logging for inbound connection attempts from this address space
Conclusion:
This IP presents moderate risk with legitimate Cisco infrastructure ownership. The elevated neighborhood abuse density warrants contextual monitoring but does not indicate direct threat activity from this specific endpoint.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cisco Webex LLC |
| ASN | AS13445 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 20% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 27% | 1 | 3 |
| geolocation | 28% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:05:10 UTC |
| Last Seen | 2026-06-26 18:12:07 UTC |
| Profile Built | 2026-06-27 01:59:09 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 51 |
Full dossier details are available via our API.