IPDebrief

104.248.35.8

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 104.248.35.8/32

Date: 2026-06-21

Classification: LOW RISK

Risk Score: 25/100

---

## Executive Summary

IP address 104.248.35.8 is a DigitalOcean cloud computing resource located in Frankfurt am Main, Germany. The IP presents as a firewalled/cloud infrastructure endpoint with no active service exposure. Current threat indicators are minimal, and the subnet classification is "mostly_clean" with low abuse density. No immediate blocking is recommended based on current data.

---

## Infrastructure Profile

AttributeValue
**IP Address**104.248.35.8/32
**ASN**14061 (DigitalOcean, LLC)
**Organization**DIGITALOCEAN-104-248-0-0
**Location**Frankfurt am Main, Germany (DE)
**Infrastructure Type**CloudCompute
**ISP/Provider**DigitalOcean
**CIDR Block**104.248.0.0/16

---

## Risk Assessment

Overall Risk: LOW (Score: 25/100)

Risk Breakdown:

Threat Indicators:

---

## Network Characteristics

Service Exposure:

DNS Analysis:

---

## Control Plane Intelligence

MetricValue
BGP Prefix104.248.32.0/20
Route StabilityFalse
DNSBL Lists1 of 8
Operator Score0.1304 (Minimal)
RPKI StateNot available
IRR ConsistencyNot available

---

## Neighborhood Analysis

Subnet: 104.248.35.8/24

Abuse Density: 1 (Low)

Classification: mostly_clean

Inherited Risk: 2

Total Siblings: 1

Active Siblings: 0

Threat Siblings: 1

*Note: One threat sibling detected in the /24 subnet.*

---

## Behavioral History

Observation Count: 16 signals recorded

Last Observed: 2026-06-21T03:28:32+00:00

Threat Persistence: 0 days

Persistent Malicious: No

Recent Signal Types:

---

## Related Entities

Network Relationships:

*No external hostname, organization, or certificate relationships detected.*

---

## Recommended Actions

Security Actions: No specific actions recommended at this time.

Firewall Rules: Not applicable (low risk profile).

Monitoring Priority: LOW

---

## Analyst Notes

1. Infrastructure Type: This IP is a DigitalOcean cloud resource, commonly used for web hosting, development, or enterprise infrastructure.

2. Service State: No open services detected on the IP. The "Firewalled / No Services" classification suggests either a dormant resource or one behind strict access controls.

3. Geolocation: Frankfurt location is consistent with DigitalOcean's European data center footprint.

4. Threat Posture: Minimal threat activity. The single threat sibling in the neighborhood warrants continued monitoring but does not indicate immediate risk from this specific IP.

5. Recommendation: Standard monitoring procedures apply. No immediate blocking, rate limiting, or investigation required based on current data.

---

Report Generated: IPDebrief Intelligence Platform

Data Freshness: Current as of analysis timestamp

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฉ๐Ÿ‡ช Germany
RegionHE
CityFrankfurt am Main
TimezoneEurope/Berlin
Latitude50.12
Longitude8.68

๐Ÿข Ownership & Registration

OrganizationDigitalOcean, LLC
ASNAS14061
Network NameDIGITALOCEAN-104-248-0-0
CIDR Block104.248.0.0/16
RIRARIN
CountryUnited States
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)

๐Ÿ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierHosting โ€” Infrastructure provider without advanced routing
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
443httpstcpโ€”
22sshtcp
Closed Ports25, 80, 3389, 8080, 8443 (2 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”
SSH VersionSSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

๐Ÿ” TLS Certificate

๐Ÿ”’
CN=admvpn.top
Issued by CN=YE1, O=Let's Encrypt, C=US
Self-signed: No
SANsadmvpn.top
Valid From2026-06-21T06:04:31+00:00
Valid Until2026-09-19T06:04:30+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_128_GCM_SHA256
Signature Algorithmsha384ECDSA
Validity Period89 days
Serial Number0520A822D164FA87E75FBC40E59EE795F88F
Thumbprint29242E11B6B2940445484EECE57F50F970A3ECA5

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
23
routing
13%
11
services
13%
11
ownership
27%
23
reputation
22%
13
geolocation
30%
24
Overall22%915
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-05-28 18:33:52 UTC
Last Seen2026-06-29 05:36:39 UTC
Profile Built2026-06-29 06:02:08 UTC
Data FreshnessLive
Signal Types20
Total Observations20
๐Ÿ” 20 signal types ยท 20 observations collected
This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.