IPDebrief

23.239.29.226

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## Intelligence Briefing: IP 23.239.29.226

Classification: Cloud Infrastructure Host | Risk Level: LOW (25/100)

Executive Summary

IP 23.239.29.226 is a Linode cloud compute instance with low-risk reputation. The address resolves to Linode's cloud infrastructure in Richardson, TX, US. While currently classified as low-risk, the IP exhibits one DNSBL listing and one threat sibling within the /24 subnet, warranting continued monitoring.

Technical Profile

Threat Indicators

Historical Analysis

The IP has generated 21 signal observations as of June 14, 2026. Historical signals include geolocation, certificate validation, operator scoring, and threat assessment dimensions. No persistent malicious activity detected. The threat observation count remains at 1 with no sustained malicious behavior pattern.

Neighborhood Context (23.239.29.0/24)

Relationship Graph

40 relationships identified, including multiple Linode network associations and DNS hostname associations. All relationships point to legitimate Linode infrastructure resources.

Recommended Actions

1. Monitor DNSBL activity: The single DNSBL listing should be verified for legitimacy. Investigate which specific list flags this address.

2. Track sibling activity: The one threat sibling within the /24 subnet (23.239.29.x) should be correlated for potential coordinated abuse.

3. SSH traffic analysis: Open SSH service is typical for cloud infrastructure. Verify traffic patterns are consistent with legitimate administrative use.

4. No immediate block recommended: Current risk profile supports allow-with-monitoring posture for defensive operations.

Conclusion

IP 23.239.29.226 represents a legitimate Linode cloud hosting instance with minimal threat indicators. The single DNSBL listing and one threat sibling warrant awareness but do not justify immediate blocking. Continue standard cloud infrastructure monitoring practices.

---

Intelligence Source: IPDebrief | Data Freshness: Current | Classification: Defensive Security

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡Έ United States
RegionTX
CityRichardson
Timezoneβ€”
Latitude32.95
Longitude-96.73

🏒 Ownership & Registration

OrganizationLinode
ASNAS63949
Network Nameβ€”
CIDR Block23.239.28.0/22
RIRARIN
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTR23-239-29-226.ip.linodeusercontent.com
Forward ConfirmedYes β€” FCrDNS verified
Forward Hostnamesturn-observer-us-gulf.houdi.ni

πŸ” DNS Hygiene

Hygiene Score40% (Fair)
SPFNot configured
DMARCNot configured
FCrDNSVerified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierTier 3 β€” Basic operator with some routing infrastructure
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
30%
24
routing
27%
23
services
35%
24
ownership
35%
35
reputation
28%
13
geolocation
31%
23
Overall31%1222
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (70%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-09 17:41:31 UTC
Last Seen2026-06-27 16:10:38 UTC
Profile Built2026-06-28 10:17:16 UTC
Data FreshnessLive
Signal Types26
Total Observations33
πŸ” 26 signal types Β· 33 observations collected
This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.