IP Intelligence Briefing: 96.73.118.137
*Generated via IPDebrief tools: profile, history, relationships, neighbors, and actions.*
---
**1. IP Profile**
- Risk Score: 70/100 (High Risk)
- Ownership: Comcast Cable Communications, LLC (ASN 7922)
- Geolocation: Houston, TX, US (residential)
- Network Role: Residential broadband (no cloud/vpn/proxy indicators)
- Services:
  - Open ports: SSH (22), HTTPS (443)
  - TLS/SSL: No certificate data
  - Banner: SSH-2.0-Zyxel server
---
**2. Threat & Observation History**
- Recent Activity:
  - June 7, 2026: Geolocation confirmed (Houston, TX) with minimal operator risk score (0.13).
  - June 5, 2026: HTTPS connection failed (potential misconfiguration or blocking).
- Threat Indicators: No known malicious campaigns, spam, or blacklisted activity.
- Temporal Trends: No persistent threats; risk score elevated but no clear malicious signals.
---
**3. Network Relationships**
- Linked Networks: Multiple references to subnet HOUSTON-CBC-30 (likely Comcast residential network).
- Subnet Context:
  - 96.73.118.137/24: Clean subnet with 0 abuse density.
  - No malicious siblings or active threats in the neighborhood.
---
**4. Security Recommendations**
- Monitor Activity:
  - Increase logging verbosity for this IP due to its high risk score (70).
  - Verify SSH/HTTPS traffic legitimacy, as no certificate or banner details were captured.
- Firewall Actions:
  - iptables: `iptables -A INPUT -s 96.73.118.137 -j DROP`
  - Cloudflare WAF: Block IP with rule `{ "action": "block", "expression": "ip.src eq 96.73.118.137" }`
  - AWS WAF: Add `96.73.118.137/32` to a custom IP set.
---
**5. Next Steps**
- Cross-check with internal threat feeds for unknown indicators.
- Validate geolocation consistency with network traffic patterns.
- Monitor for anomalous behavior in the HOUSTON-CBC-30 subnet.
Note: While the IP shows no direct malicious activity, its high risk score may reflect network-level factors (e.g., misconfigured services). Further investigation is recommended.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Comcast Cable Communications, LLC |
| ASN | AS7922 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 3389, 8080, 8443 (2 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-Zyxel SSH server |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 31% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 16% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 21% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-14 07:15:38 UTC |
| Last Seen | 2026-06-19 05:26:51 UTC |
| Profile Built | 2026-06-17 20:46:31 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |