IPDebrief

216.152.249.222

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 216.152.249.222/32

Classification: Moderate Risk / Passive Infrastructure

Date: Current

Status: Active Monitoring

---

## EXECUTIVE SUMMARY

IP address 216.152.249.222 is a residential/modern infrastructure endpoint operating under Beamspeed LLC (ASN 14237) in Yuma, Arizona. The IP presents moderate risk (score: 40/100) with no active services detected. Despite the moderate overall risk rating, the /24 subnet (216.152.249.0/24) exhibits high abuse density classification, suggesting coordinated activity within the network block.

---

## NETWORK OWNERSHIP & GEOLOCATION

AttributeValue
**Organization**Beamspeed LLC
**ASN**14237
**Country/Region**US / AZ (Yuma)
**CIDR Block**216.152.249.0/24
**Registration**ARIN
**Network Type**Residential / Dynamic

---

## THREAT INDICATORS

Threat Assessment: No active threat indicators detected. The IP is not associated with known campaigns, malware, or malicious campaigns.

---

## SERVICE ANALYSIS

---

## NEIGHBORHOOD ANALYSIS

Subnet: 216.152.249.0/24

MetricValue
**Abuse Density**1.0 (High)
**Classification**high_abuse
**Total Siblings**256
**Active Siblings**149
**Threat Siblings**256

Risk Distribution in /24:

Notable Neighbors:

---

## OBSERVATION HISTORY

The IP has maintained consistent low-to-minimal threat signatures across multiple observation windows with no escalation patterns detected.

---

## DNS & HOSTING ANALYSIS

---

## RELATIONSHIP GRAPH

- DNS: ip-216-152-249-222.wireless.dyn.beamspeed.net

- Network: BEAMS

- Multiple DNS association entries (consistent pattern)

---

## CONTROL PLANE DATA

---

## RECOMMENDED ACTIONS

1. Monitor: Track IP activity for service changes or service openings

2. Block: Consider blocking if the IP initiates connections to internal resources

3. Observe: Monitor neighbor subnet (216.152.249.0/24) for coordinated activity patterns

4. Alert: Set up alerts for any service discovery or DNS changes

Firewall Rule Recommendation:

```

# Allow/Block based on organizational policy

# IP: 216.152.249.222

# Risk: Moderate (40) - No services detected

```

---

## INTELLIGENCE NARRATIVE

The IP 216.152.249.222 represents a dormant residential endpoint within a high-abuse-density subnet. While the individual IP shows no active services, malicious, or campaign-associated behavior, the surrounding /24 subnet demonstrates concerning abuse patterns with 256 threat-sibling IPs. The IP's moderate risk score reflects its location within this problematic subnet rather than intrinsic malicious characteristics.

The endpoint has not exhibited escalating threat behavior over the observation period, with consistent minimal threat signatures. However, the high abuse density of the parent subnet suggests this IP may be part of a larger compromised infrastructure or may have been utilized for abuse by associated entities.

Key Indicators for SOC Teams:

---

END OF BRIEFING

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionAZ
CityYuma
Timezoneβ€”
Latitude32.71
Longitude-114.49

🏒 Ownership & Registration

OrganizationBeamspeed LLC
ASNAS14237
Network Nameβ€”
CIDR Blockβ€”
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTRip-216-152-249-222.wireless.dyn.beamspeed.net
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesip-216-152-249-222.wireless.dyn.beamspeed.net

πŸ” DNS Hygiene

Hygiene Score80% (Excellent)
SPFPresent
DMARCPresent
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierUnknown β€” Insufficient routing data to classify
No specific classification

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
23%
24
routing
20%
11
services
17%
23
ownership
20%
23
reputation
27%
13
geolocation
28%
23
Overall22%1017
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-07 23:05:13 UTC
Last Seen2026-06-26 18:12:09 UTC
Profile Built2026-06-27 07:40:19 UTC
Data FreshnessLive
Signal Types24
Total Observations53
πŸ” 24 signal types Β· 53 observations collected
This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.