IPDebrief

104.248.32.112

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

IP Address: 104.248.32.112/32

Classification: Low Risk

Risk Score: 30

Report Date: Current

Analyst: IPDebrief Intelligence System

---

## EXECUTIVE SUMMARY

IP 104.248.32.112 is a DigitalOcean cloud infrastructure host located in Frankfurt am Main, Germany. The address presents a low-risk profile with a risk score of 30/100. No active malicious indicators were detected during analysis. The IP operates standard web hosting services with minor configuration observations requiring awareness.

---

## OWNERSHIP & INFRASTRUCTURE

FieldValue
**Organization**DigitalOcean, LLC
**ASN**14061
**Network Name**DIGITALOCEAN-104-248-0-0
**Geolocation**Frankfurt am Main, Germany (DE)
**Infrastructure Type**CloudCompute / Hosting
**Classification**Cloud Infrastructure

The IP belongs to DigitalOcean's cloud provider network (ASN 14061) and operates within the 104.248.32.0/20 BGP prefix. Route stability is flagged as false with zero route changes observed in the past 30 days. DNSSEC validation is active on the infrastructure.

---

## THREAT INDICATORS

Status: No Active Threat Indicators

IndicatorFinding
**Blacklist Count**0
**Tor Exit Node**False
**Known Attacker**False
**Spam Source**False
**Abuse Confidence**Not Applicable
**Known Campaigns**None
**Distributed DNSBL Lists**1/8

The control plane data indicates minimal operator score (0.1304). No correlated campaign activity or certificate subject matches were identified.

---

## NETWORK SERVICES & EXPOSURE

PortProtocolServiceStatus
80TCPHTTPOpen
443TCPHTTPSOpen
22TCPSSHOpen
3389TCPRDPOpen

HTTP Fingerprint: nginx/1.27.5

TLS Certificate: SSL.com TLS Issuing RSA CA R1

Certificate Subject: CN=nailyalcinsigorta.com

Security Headers:

---

## NEIGHBORHOOD ANALYSIS

Subnet: 104.248.32.112/24

Abuse Density: 1 (Low)

Classification: Mostly Clean

Threat Siblings: 1

Active Siblings: 1

Inherited Risk Score: 2

The /24 subnet shows minimal abuse density. One threat sibling was identified within the neighborhood, though this does not elevate the individual IP's risk profile.

---

## OBSERVATION HISTORY

Recent signal observations (June 15, 2026) indicate:

The IP demonstrates consistent low-risk behavior across multiple observation points with no degradation in security posture.

---

## RELATIONSHIP MAPPING

Connected Entities: 20 network-level relationships identified

Primary Association: DIGITALOCEAN-104-248-0-0 (same network)

External Relationships: None detected

All identified relationships map to the parent DigitalOcean network block, indicating standard cloud infrastructure hosting without external associations.

---

## RECOMMENDATIONS

Threat Level: LOW โ€“ NO IMMEDIATE ACTION REQUIRED

1. Monitor: Continue passive monitoring; no blocking recommended at this time

2. RDP Awareness: Port 3389 (RDP) is open and accessible; implement rate limiting if this IP is not an expected internal resource

3. Certificate Review: Certificate subject "nailyalcinsigorta.com" appears to be a non-standard domain; verify legitimacy if not expected

4. Baseline: Risk score of 30 supports standard allow-listing with optional rate limiting on SSH/RDP

No firewall rules were generated based on current risk profile.

---

## CONCLUSION

IP 104.248.32.112 is a legitimate DigitalOcean cloud hosting address with standard web server configuration. The low risk score (30), absence of threat indicators, and clean neighborhood profile indicate this IP represents normal cloud infrastructure operations. No immediate defensive action is warranted, though awareness of the open RDP port and certificate domain should be maintained.

---

Data Sources: IPDebrief Intelligence Platform

Classification: Defensive Security Intelligence

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฉ๐Ÿ‡ช Germany
RegionHE
CityFrankfurt am Main
TimezoneEurope/Berlin
Latitude51.17
Longitude10.45

๐Ÿข Ownership & Registration

OrganizationDigitalOcean, LLC
ASNAS14061
Network Nameโ€”
CIDR Blockโ€”
RIRARIN
Countryโ€”
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)

๐Ÿ” DNS Hygiene

Hygiene Score60% (Good)
SPFPresent
DMARCPresent
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierHosting โ€” Infrastructure provider without advanced routing
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpโ€”
443httpstcpโ€”
22sshtcp
3389rdptcpโ€”
Closed Ports25, 8080, 8443 (4 open / 7 scanned)
Servernginx/1.27.5
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

๐Ÿ” TLS Certificate

๐Ÿ”’
CN=nailyalcinsigorta.com
Issued by CN=SSL.com TLS Issuing RSA CA R1, O=SSL Corporation, C=US
Self-signed: No
SANsnailyalcinsigorta.comwww.nailyalcinsigorta.com
Valid From2026-05-18T13:30:58+00:00
Valid Until2026-12-02T13:30:58+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha256RSA
Validity Period198 days
Serial Number27EE0487513285577A5DAD1995CF5D0B
Thumbprint3A06596CC8B707514A103CEC8B07E666266F6A2D

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
29%
24
routing
8%
11
services
20%
23
ownership
24%
23
reputation
26%
13
geolocation
34%
23
Overall23%1017
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-23 12:21:16 UTC
Last Seen2026-06-28 20:46:29 UTC
Profile Built2026-06-29 02:48:48 UTC
Data FreshnessLive
Signal Types21
Total Observations23
๐Ÿ” 21 signal types ยท 23 observations collected
This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.