# INTELLIGENCE BRIEFING: IP Address 216.152.249.18/32
## Executive Summary
IP address 216.152.249.18 is classified as Moderate Risk (risk score: 49) with known threat indicators and malicious activity history. The address belongs to Beamspeed LLC (ASN 14237) and is located in Yuma, Arizona, United States. While the IP itself is currently firewalled with no active services, it is associated with a subnet exhibiting high abuse density.
## Ownership and Geolocation
- Organization: Beamspeed LLC
- ASN: 14237
- Network: 216.152.249.0/24
- Country: United States (US)
- Region: Arizona (AZ)
- City: Yuma
- Registration RIR: ARIN
- PTR Hostname: ip-216-152-249-18.wireless.dyn.beamspeed.net
- DNS Domain: beamspeed.net
## Threat Intelligence Assessment
Current Risk Profile
- Overall Risk Score: 49 (Moderate Risk)
- Abuse Confidence: Not directly scored
- Known Attacker Status: Confirmed (isKnownAttacker: true)
- Spam Source: No
- Tor Exit Node: No
Threat Indicators
- Blocklist Presence: Listed on blocklist.de
- DNSBL Status: Listed on 1 of 8 DNSBL lists
- Operator Score: 0.2609 (Basic classification)
- Route Stability: False (unstable routing)
Network Role Classification
- Firewall Status: Firewalled / No Services
- Open Ports: None detected
- TLS/HTTP Services: None detected
- Infrastructure Type: Not CDN, Cloud, VPN, Proxy, or Hosting
- Not Classified As: Mobile carrier, Residential, Bogon, or Anycast
## Subnet Neighborhood Analysis (216.152.249.0/24)
- Subnet Classification: High Abuse
- Abuse Density: 1 (elevated)
- Total Subnet Siblings: 256
- Active Siblings: 147
- Threat Siblings: 256
- Inherited Risk Score: 40
- Risk Distribution: High (0), Medium (96), Low (4)
The subnet exhibits elevated abuse characteristics with 256 threat-identified siblings across the /24 block.
## Observation History
- Total Observations: 44
- Threat Persistence Days: 0
- Recent Activity (June 2026): Multiple observations recorded with "Minimal" risk labels and 0 operator scores
- Temporal Status: Not persistently malicious (threatPersistenceDays: 0)
- Observation Pattern: Consistent monitoring across multiple time windows with no escalation trends
## Relationship Graph
- DNS Associations: ip-216-152-249-18.wireless.dyn.beamspeed.net
- Network Relationships: BEAMS network associations
- Total Relationships: 305 entities
- Certificate Matches: 0
- Campaign Correlations: 0 correlated IPs
## Control Plane Data
- BGP Prefix: 216.152.249.0/24
- Origin ASN: 14237
- RPKI State: Not verified
- IRR Consistency: Not verified
- Route Changes (30d): 0
- DNSSEC Status: Valid
- Geo Validation: ICMP blocked - unable to validate; distance 3682.4 km from probe origin
## Recommended Actions
1. Monitor Activity: The IP shows known attacker designation despite current firewall status. Monitor for service activation.
2. Subnet Context: Apply caution to all addresses in 216.152.249.0/24 due to high abuse density classification.
3. DNSBL Status: Address is listed on 1 DNSBL; evaluate impact based on destination context.
4. Firewall Rules: No specific firewall rules generated due to current firewalled status and lack of active services.
5. Threat Persistence: Monitor for changes in threatPersistenceDays and operator scores indicating increased risk activity.
## Intelligence Narrative
The IP address 216.152.249.18 belongs to Beamspeed LLC and operates within a high-abuse density subnet. While currently presenting as a firewalled endpoint with no active services, the address carries a known attacker designation and is listed on threat intelligence feeds. The surrounding /24 subnet shows elevated abuse characteristics with 256 threat-identified neighbors, suggesting potential for related malicious activity. Historical observation data indicates 44 monitoring events with recent measurements showing minimal immediate risk, though the underlying subnet context warrants continued vigilance.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Beamspeed LLC |
| ASN | AS14237 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | ip-216-152-249-18.wireless.dyn.beamspeed.net |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | ip-216-152-249-18.wireless.dyn.beamspeed.net |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 3 | 3 |
| routing | 20% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 34% | 2 | 3 |
| geolocation | 24% | 2 | 3 |
| Overall | 24% | 11 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:05:12 UTC |
| Last Seen | 2026-06-26 18:12:08 UTC |
| Profile Built | 2026-06-27 08:09:08 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 47 |
Full dossier details are available via our API.