IP Intelligence Briefing: 23.239.4.120
Date: June 16, 2026
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: Linode (ASN 63949)
- Geolocation: Fremont, CA, US (ARIN registered)
- Network Role: Cloud compute instance (Linode infrastructure)
- Threat Indicators: No malicious activity detected (zero threat feeds, no blacklists, no campaigns).
---
**2. Observation History**
- Recent Activity (June 12β16, 2026):
- SSH Service: Open port 22 with banner "SSH-2.0-OpenSSH_8.9p1" (normal for cloud servers).
- DNS Associations: Linked to `prod-barium-us-west-22.li.binaryedge.ninja` (non-malicious domain).
- Network Stability: No route changes or ownership shifts observed.
---
**3. Relationships & Context**
- Network Affiliation:
- Same network as Linode (ASN 63949).
- No connections to known malicious subnets or organizations.
- DNS:
- Resolves to `binaryedge.ninja` (legitimate domain with SPF record).
- No email authentication (DMARC/SPF gaps).
---
**4. Neighborhood Analysis**
- Subnet: 23.239.4.120/24 (isolated /32 address).
- Abuse Density: 0% (clean subnet).
- Neighbors: No sibling IPs found (expected for /32).
---
**5. Recommendations**
- Monitor: Track SSH access logs for unusual activity (e.g., brute force attempts).
- Verify: Confirm `binaryedge.ninja` is a legitimate service (e.g., via WHOIS or DNS checks).
- Firewall: Allow SSH (port 22) if this IP is a legitimate server; block all other ports by default.
Conclusion: This IP is associated with a legitimate cloud server (Linode) and shows no signs of malicious activity. No immediate action required, but ongoing monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Linode |
| ASN | AS63949 |
| Network Name | LINODE |
| CIDR Block | 23.239.0.0/19 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | prod-barium-us-west-22.li.binaryedge.ninja |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | prod-barium-us-west-22.li.binaryedge.ninja |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 30% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 25% | 10 | 16 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Moderate (55%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-03 12:21:47 UTC |
| Last Seen | 2026-06-21 10:20:48 UTC |
| Profile Built | 2026-06-21 10:31:08 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 26 |
Full dossier details are available via our API.