172.68.23.79
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 172.68.23.79
Date: 2026-06-16
---
**1. Risk Assessment**
- Risk Score: 25 (Low Risk)
- Threat Indicators: No malicious activity detected (no known attackers, spam, or campaigns).
- DNSBL Listing: Listed in 1 of 8 DNSBLs (confidence: 85%), suggesting potential abuse but no confirmed malicious behavior.
- Network Stability: Stable (no recent route changes).
---
**2. Geolocation & Ownership**
- Location: Seattle, Washington, United States (MaxMind geolocation).
- ISP/Provider: Cloudflare (CDN infrastructure).
- ASN: 13335 (CLOUDFLARENET).
- Subnet: 172.68.23.0/24 (clean subnet with 0% abuse density).
---
**3. Network Role**
- CDN/Hosting: Identified as part of Cloudflareβs CDN infrastructure (firewalled, no services exposed).
- Services: No open ports or active services detected.
- DNS: Valid DNSSEC, no PTR records.
---
**4. Historical Observations**
- Recent Activity (Last 30 Days):
- Consistent geolocation in Seattle.
- 1 DNSBL listing (potential abuse risk).
- No spikes in threat signals or network anomalies.
---
**5. Relationships & Neighborhood**
- Linked Entities: No relationships or subnets identified.
- Subnet Neighbors: 0 active neighbors in 172.68.23.0/24 (isolated host or misconfigured subnet).
---
**6. Recommendations**
- Monitor DNSBL Status: Investigate the single DNSBL listing to confirm legitimacy (e.g., false positive or misconfigured host).
- Check for Anomalies: Since the IP is part of a CDN, ensure it is not being repurposed for malicious activities (e.g., C2 servers).
- Verify Subnet Isolation: Confirm if the /24 subnet is intentionally isolated or misconfigured.
---
Conclusion: 172.68.23.79 is a low-risk Cloudflare CDN IP with no active threats. The DNSBL listing warrants further investigation, but the overall profile suggests no immediate actionable threats. Continue monitoring for changes in DNS or network behavior.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cloudflare, Inc. |
| ASN | AS13335 |
| Network Name | CLOUDFLARENET |
| CIDR Block | 172.64.0.0/13 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
No certificate
Issued by β
N/A
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 2 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 35% | 2 | 3 |
| Overall | 24% | 9 | 12 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
β Claimed geolocation contradicts RTT physics measurement
π Observation Timeline π Live
| First Seen | 2026-06-13 09:46:19 UTC |
| Last Seen | 2026-06-21 20:34:12 UTC |
| Profile Built | 2026-06-21 21:09:31 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |
π 19 signal types Β· 21 observations collected
This report is generated from 19+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.