IP Intelligence Briefing: 172.232.109.232
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: Linode (AS63949)
- Geolocation: United States (US), but region/city fields are unpopulated. Latitude/longitude missing.
- Network Role: CloudCompute (Linode infrastructure).
- Threat Indicators: No malicious activity, spam, or known attacker associations.
---
**2. Historical Observations**
- Recent Activity:
- Geolocation data inferred via cymru-country (confidence 35%), placing it in the US with ~2,500km accuracy.
- Subnet abuse density remains clean (0/20).
- Ownership stability: No changes detected.
- Trend: No persistent threats or anomalies in 30-day observation history.
---
**3. Network Relationships**
- DNS Associations:
- Linked to `172-232-109-232.ip.linodeusercontent.com` (Linode subdomain).
- Network Affiliation:
- Same network as Linode (AS63949).
- No connections to known malicious subnets or organizations.
---
**4. Subnet Neighborhood**
- Subnet: 172.232.109.232/24
- Abuse Density: 0% (clean).
- Neighbors: No active or malicious sibling IPs in the subnet.
---
**5. Technical Context**
- Services: No open ports or TLS certificates detected.
- Routing:
- BGP prefix: 172.232.96.0/19
- Traceroute: Routed through Comcast and Zayo (legitimate ISPs).
- DNSSEC: Validated.
---
**6. Recommendations**
- Monitoring: Track geolocation accuracy, as region/city fields are unpopulated.
- Firewall: No restrictive rules needed due to low risk profile.
- Verification: Confirm Linode's IP delegation practices for this subnet.
---
Conclusion: 172.232.109.232 is a legitimate Linode cloud instance with no detected malicious activity. The subnet and network relationships are clean, but geolocation data requires further validation. No immediate action is required.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Linode |
| ASN | AS63949 |
| Network Name | LINODE |
| CIDR Block | 172.232.0.0/13 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | 172-232-109-232.ip.linodeusercontent.com |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | 172-232-109-232.ip.linodeusercontent.com |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 24% | 2 | 3 |
| Overall | 21% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-28 18:34:17 UTC |
| Last Seen | 2026-06-29 05:43:48 UTC |
| Profile Built | 2026-06-29 05:48:24 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |
Full dossier details are available via our API.