107.170.70.18

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP INTELLIGENCE BRIEFING: 107.170.70.18

Classification: Low Risk Cloud Infrastructure | Date: Analysis Complete

Infrastructure Profile

Target 107.170.70.18 is a DigitalOcean cloud host (ASN 14061) registered in New York, NY. The IP operates within a /17 BGP prefix (107.170.0.0/17) with origin AS14061. Risk scoring indicates low threat exposure (score: 25/100). The endpoint functions as a multi-service host with standard web and SSH services.

Network Services & Fingerprinting

HTTP (Port 80/TCP): Apache/2.2.22 on Ubuntu server
SSH (Port 22/TCP): OpenSSH_5.9p1 Debian-5ubuntu1.1
HTTP response code: 302 (redirect)
HTTP version: 1.1
Response time: 54ms TTFF

Threat Indicators

No active threat indicators detected. The IP is not classified as a known attacker, spam source, or Tor exit node. Zero blacklist entries confirmed. DNSBL monitoring shows presence on 1 of 8 evaluated lists. Control plane operator score: 0.1304 (Minimal risk).

Geolocation Validation

Geolocation data indicates New York, US with 2500km accuracy radius. However, RTT validation reveals a discrepancy: claimed distance 5966km with observed RTT 19ms, which violates minimum possible RTT of 119.3ms for this distance. This suggests potential location spoofing or inaccurate geolocation data.

Historical Analysis

Observation history contains 21 signal observations. Recent fingerprinting (2026-06-20) confirmed Apache web server configuration. Subnet-level abuse density classification: "mostly_clean" with 1 threat sibling in the /24 neighborhood. No persistent malicious activity detected; threat persistence days: 0.

Network Context

The target IP resides within DigitalOcean's 107.170.0.0/24 subnet. Neighborhood analysis shows abuse density of 0, with no high or medium risk neighbors identified. All relationships map to the same network block (DIGITALOCEAN-107-170-0-0). No hostname, certificate, or organizational relationships detected.

Recommended Actions

No immediate firewall blocking or mitigation rules recommended based on current risk profile. Standard monitoring and logging advised. The geolocation RTT anomaly warrants continued observation to determine if this indicates malicious activity or simply inaccurate geolocation data.

Assessment

This IP represents routine cloud infrastructure hosting with minimal threat indicators. The low risk score and absence of malicious indicators support continued traffic permitting. Monitor for changes in threat posture, particularly given the geolocation validation discrepancy.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	NY
City	New York
Timezone	—
Latitude	40.79
Longitude	-74.06

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Multi-Service Host
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1
Closed Ports	25, 443, 3389, 8080, 8443 (2 open / 7 scanned)

Server	Apache/2.2.22 (Ubuntu)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	8%	1	1
services	26%	2	3
ownership	24%	2	3
reputation	26%	1	3
geolocation	33%	2	3
Overall	24%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-21 02:50:28 UTC
Last Seen	2026-06-28 13:05:13 UTC
Profile Built	2026-06-29 07:08:58 UTC
Data Freshness	Live
Signal Types	20
Total Observations	23

🔍 20 signal types · 23 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

107.170.70.18📋 Copy