IP Intelligence Briefing: 153.76.29.231
Date: 2026-06-10
---
**1. Risk Profile**
- Overall Risk: Moderate (Risk Score: 50)
- Ownership: Registered to GOCODEIT-MNT (ASN 3257, APNIC) with no recent ownership changes.
- Geolocation: Ashburn, VA, US (latitude 39.02, longitude -77.54). Geolocation validation failed due to discrepancy in RTT (22ms vs. expected 126ms for 6318km).
- Threat Indicators: No malicious activity detected. No DNSBL listings, spam, or known attacker associations.
---
**2. Network Observations**
- Control Plane:
  - BGP prefix: 153.76.24.0/21 (GTT Communications).
  - DNSSEC validation: Valid but with low confidence (score 0.13).
  - DNSBL Listings: 2 out of 8 DNSBLs (low severity).
- Subnet Abuse:
  - Subnet 153.76.29.0/24 has 0% abuse density.
  - Neighboring IPs (153.76.29.165, 153.76.29.203) show low risk (25/100).
---
**3. Behavior & Anomalies**
- Geolocation Inconsistency:
  - RTT measurement (22ms) is infeasible for the reported distance, suggesting potential spoofing or misconfigured geolocation.
- DNS Activity:
  - No PTR records or domain associations.
  - No email authentication (SPF/DKIM) detected.
---
**4. Recommendations**
1. Monitor Geolocation: Investigate the RTT discrepancy to rule out spoofing or misconfigured network equipment.
2. DNSSEC Validation: Confirm DNSSEC configuration validity for the subnet (153.76.24.0/21).
3. DNSBL Verification: Check if DNSBL listings are false positives or require mitigation.
4. Network Segmentation: Ensure firewalled subnets (e.g., 153.76.29.0/24) are isolated from critical assets.
---
Conclusion:
The IP exhibits no active malicious behavior but shows geolocation anomalies and DNSSEC weaknesses. No immediate blocking required, but ongoing monitoring is advised.
*Generated by IPDebrief threat intelligence platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | GOCODEIT-MNT |
| ASN | AS3257 |
| Network Name | CA-GOCODEIT-19910923 |
| CIDR Block | 153.76.0.0/19 |
| RIR | APNIC |
| Country | CA |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-25 00:40:28 UTC |
| Last Seen | 2026-06-10 18:55:39 UTC |
| Profile Built | 2026-06-10 18:59:14 UTC |
| Data Freshness | Live |
| Signal Types | 13 |
| Total Observations | 13 |