# IP INTELLIGENCE BRIEFING
IP Address: 104.248.32.112/32
Classification: Low Risk
Risk Score: 30
Report Date: Current
Analyst: IPDebrief Intelligence System
---
## EXECUTIVE SUMMARY
IP 104.248.32.112 is a DigitalOcean cloud infrastructure host located in Frankfurt am Main, Germany. The address presents a low-risk profile with a risk score of 30/100. No active malicious indicators were detected during analysis. The IP operates standard web hosting services with minor configuration observations requiring awareness.
---
## OWNERSHIP & INFRASTRUCTURE
| Field | Value |
|---|---|
| **Organization** | DigitalOcean, LLC |
| **ASN** | 14061 |
| **Network Name** | DIGITALOCEAN-104-248-0-0 |
| **Geolocation** | Frankfurt am Main, Germany (DE) |
| **Infrastructure Type** | CloudCompute / Hosting |
| **Classification** | Cloud Infrastructure |

The IP belongs to DigitalOcean's cloud provider network (ASN 14061) and operates within the 104.248.32.0/20 BGP prefix. Route stability is flagged as false with zero route changes observed in the past 30 days. DNSSEC validation is active on the infrastructure.
---
## THREAT INDICATORS
Status: No Active Threat Indicators

| Indicator | Finding |
|---|---|
| **Blacklist Count** | 0 |
| **Tor Exit Node** | False |
| **Known Attacker** | False |
| **Spam Source** | False |
| **Abuse Confidence** | Not Applicable |
| **Known Campaigns** | None |
| **Distributed DNSBL Lists** | 1/8 |

The control plane data indicates minimal operator score (0.1304). No correlated campaign activity or certificate subject matches were identified.
---
## NETWORK SERVICES & EXPOSURE
| Port | Protocol | Service | Status |
|---|---|---|---|
| 80 | TCP | HTTP | Open |
| 443 | TCP | HTTPS | Open |
| 22 | TCP | SSH | Open |
| 3389 | TCP | RDP | Open |

HTTP Fingerprint: nginx/1.27.5
TLS Certificate: SSL.com TLS Issuing RSA CA R1
Certificate Subject: CN=nailyalcinsigorta.com
Security Headers:
- SPF Record: Present
- DMARC Record: Present
- HSTS: Not configured
- CSP: Not configured
---
## NEIGHBORHOOD ANALYSIS
Subnet: 104.248.32.112/24
Abuse Density: 1 (Low)
Classification: Mostly Clean
Threat Siblings: 1
Active Siblings: 1
Inherited Risk Score: 2
The /24 subnet shows minimal abuse density. One threat sibling was identified within the neighborhood, though this does not elevate the individual IP's risk profile.
---
## OBSERVATION HISTORY
Recent signal observations (June 15, 2026) indicate:
- Network Classification: Mostly clean with low inherited risk
- Ownership Stability: No ownership changes detected
- Threat Persistence: Zero observation count for persistent malicious behavior
- HTTP Status: 301 (Redirect) with average TTFB of 350ms
- Security Posture: HTTP/2 enabled, HTTPS enforced
The IP demonstrates consistent low-risk behavior across multiple observation points with no degradation in security posture.
---
## RELATIONSHIP MAPPING
Connected Entities: 20 network-level relationships identified
Primary Association: DIGITALOCEAN-104-248-0-0 (same network)
External Relationships: None detected
All identified relationships map to the parent DigitalOcean network block, indicating standard cloud infrastructure hosting without external associations.
---
## RECOMMENDATIONS
Threat Level: LOW - NO IMMEDIATE ACTION REQUIRED
1. Monitor: Continue passive monitoring; no blocking recommended at this time
2. RDP Awareness: Port 3389 (RDP) is open and accessible; implement rate limiting if this IP is not an expected internal resource
3. Certificate Review: Certificate subject "nailyalcinsigorta.com" appears to be a non-standard domain; verify legitimacy if not expected
4. Baseline: Risk score of 30 supports standard allow-listing with optional rate limiting on SSH/RDP
No firewall rules were generated based on current risk profile.
---
## CONCLUSION
IP 104.248.32.112 is a legitimate DigitalOcean cloud hosting address with standard web server configuration. The low risk score (30), absence of threat indicators, and clean neighborhood profile indicate this IP represents normal cloud infrastructure operations. No immediate defensive action is warranted, though awareness of the open RDP port and certificate domain should be maintained.
---
Data Sources: IPDebrief Intelligence Platform
Classification: Defensive Security Intelligence
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Field | Value |
|---|---|
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Field | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Field | Value |
|---|---|
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| 3389 | rdp | tcp | - |

| Field | Value |
|---|---|
| Closed Ports | 25, 8080, 8443 (4 open / 7 scanned) |
| Server | nginx/1.27.5 |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
## TLS Certificate
| Field | Value |
|---|---|
| SANs | nailyalcinsigorta.com, www.nailyalcinsigorta.com |
| Valid From | 2026-05-18T13:30:58+00:00 |
| Valid Until | 2026-12-02T13:30:58+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 198 days |
| Serial Number | 27EE0487513285577A5DAD1995CF5D0B |
| Thumbprint | 3A06596CC8B707514A103CEC8B07E666266F6A2D |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 20% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 23% | 10 | 17 |

| Field | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid

## Observation Timeline (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-23 12:21:16 UTC |
| Last Seen | 2026-06-28 20:46:29 UTC |
| Profile Built | 2026-06-29 02:48:48 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |