104.131.182.21

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 104.131.182.21/32

Classification: Low Risk Cloud Infrastructure | Date: 2026-06-22

---

## Executive Summary

Target 104.131.182.21/32 is a DigitalOcean cloud compute instance classified as Low Risk (risk score: 25). The IP demonstrates stable routing characteristics with no active threat indicators. Current network classification indicates "Firewalled / No Services" with no open ports or TLS certificates observed.

---

## Infrastructure Profile

Attribute	Value
Organization	DigitalOcean, LLC (ASN 14061)
Network	104.131.176.0/20
Location	Clifton, NJ, US
Infrastructure Type	CloudCompute
ISP/Provider	DigitalOcean
Routing Origin	1403 14061 (BGP path stable)
RIR Registry	ARIN
Route Stability	Stable (isRouteStable: true)

---

## Threat Assessment

Risk Score: 25/100 (Low Risk)

Threat Indicators:

Abuse Confidence Score: Not scored
Blacklist Status: 0 blacklists
DNSBL: Listed on 1 of 8 total lists
Known Attacker: No
Spam Source: No
Tor Exit Node: No
Campaign Matches: None

Network Classification:

Cloud Infrastructure: Yes
CDN/Proxy/VPN: No
Hosting Service: Yes
Mobile/Residential: No

---

## Services & DNS Analysis

Open Ports: None detected
TLS Certificates: None
DNS PTR Records: None
Forward Resolution: 0 records
Hosted Domains: 0
Email Authentication: SPF/DMARC not configured
HTTP Title: None observed
Banner Grab: None detected

---

## Neighborhood Analysis

Subnet: 104.131.182.21/24

Abuse Density: 1
Classification: mostly_clean
Threat Siblings: 1
Active Siblings: 1
Risk Distribution: 0 high, 0 medium, 0 low

---

## Historical Observation Trends

Total Observations: 27 signals

Key Historical Indicators:

ASN Age: 5,014 days (registered 2012-09-25)
BGP Communities: 1403:5500
Route Stability: Consistent
Observation Window: 2026-06-18 to 2026-06-22
Threat Persistence: 0 days (not persistently malicious)

Recent Signals:

2026-06-22: BGP routing signal (confidence: 0.30)
2026-06-22: Multi-dimensional profile (confidence: 0.24)
2026-06-18: ASN assignment signal (confidence: 0.85)
2026-06-18: BGP prefix signal (confidence: 0.95)
2026-06-18: Operator score signal (confidence: 0.60)

---

## Relationship Graph

Total Relationships: 24

Same Network: 24 instances to DIGITALOCEAN-104-131-0-0
No external entity relationships detected (no hostnames, organizations, or certificates beyond provider network)

---

## Recommended Actions for SOC Analysts

Action 1: NO BLOCKING REQUIRED

IP exhibits low-risk behavior with no active threat indicators
No firewall rules necessary for standard traffic

Action 2: Monitor for Service Changes

Current state shows "Firewalled / No Services"
Investigate if service discovery or port scanning activity emerges

Action 3: Contextual Verification

Confirm legitimate use case with DigitalOcean if unexpected traffic observed
No correlation with known campaigns or malicious IP clusters

---

## Conclusion

Target 104.131.182.21/32 is a benign DigitalOcean cloud infrastructure address with stable routing and no malicious activity indicators. The IP presents minimal threat to network security and requires no defensive measures beyond standard cloud provider monitoring.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	NJ
City	Clifton
Timezone	—
Latitude	40.84
Longitude	-74.14

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	104.131.176.0/20
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	20%	2	3
services	12%	2	2
ownership	36%	3	7
reputation	26%	1	3
geolocation	32%	2	3
Overall	25%	12	22

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:27 UTC
Last Seen	2026-06-26 21:56:59 UTC
Profile Built	2026-06-27 18:20:05 UTC
Data Freshness	Live
Signal Types	24
Total Observations	33

🔍 24 signal types · 33 observations collected

This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

104.131.182.21📋 Copy