23.134.88.60
IP Intelligence Briefing: 23.134.88.60
*Generated via IPDebrief tools (June 9, 2026)*
---
**1. Core Profile**
- Risk Score: 70 (High Risk)
- Ownership: Cloudie Networks LLC (AS924, ARIN-registered)
- Geolocation: United States (no city/region specified)
- Threat Indicators:
- Tor exit node activity observed
- Blacklisted in 1 DNSBL
- No known malware campaigns or spam sources
---
**2. Network Context**
- Role: Tor exit node (classified as "Single-Service Host")
- Subnet: 23.134.88.0/24
- Abuse Density: 0% (clean subnet)
- Neighbors: 1 active sibling IP (23.134.88.61, risk score 40)
- BGP Analysis:
- AS Path: `6939 924` (Cloudflare, Cloudie Networks)
- Route Stability: Stable (no recent changes)
---
**3. Historical Observations**
- First Seen: June 9, 2026
- Signals Tracked:
- Tor exit node activity
- DNSSEC validation (valid)
- No DNSBL listings beyond 1
- Risk Trends: Minimal fluctuation; no persistent malicious activity detected.
---
**4. Relationships & Dependencies**
- Linked Entities:
- Same network: Cloudie Networks LLC (AS924)
- No correlated IPs or campaigns identified
- Services:
- Open SSH port (22/tcp) with banner: `SSH-2.0-OpenSSH_9.2p1`
- No TLS certs or HTTP services detected
---
**5. Recommendations**
- Monitor: Traffic from this Tor exit node for anomalous behavior (e.g., data exfiltration, C2 communications).
- Blocklist: Consider blocking Tor exit nodes if not required for operations.
- Verify: Confirm Cloudie Networks LLC's compliance with organizational security policies.
- Subnet: No immediate action needed for 23.134.88.0/24 due to low abuse density.
---
Note: This IP is associated with Tor infrastructure, which may be used for privacy or malicious purposes. Further investigation into its traffic patterns is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Cloudie Networks LLC |
| ASN | AS924 |
| Network Name | β |
| CIDR Block | 23.134.88.0/24 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | undefined.hostname.localhost |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | undefined.hostname.localhost |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u10 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 27% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 25% | 12 | 19 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-22 13:35:51 UTC |
| Last Seen | 2026-06-26 21:06:52 UTC |
| Profile Built | 2026-06-27 18:05:09 UTC |
| Data Freshness | Live |
| Signal Types | 26 |
| Total Observations | 54 |
Full dossier details are available via our API.