142.93.70.231

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IPDEBRIEF INTELLIGENCE BRIEFING

Target: 142.93.70.231/32

Date: 2026-06-20

Classification: LOW RISK / Cloud Infrastructure

---

EXECUTIVE SUMMARY

The target IP 142.93.70.231 is a low-risk (25/100) DigitalOcean cloud compute instance located in Clifton, NJ. The IP hosts HTTPS traffic on port 443 with nginx web server software running. While the overall risk profile remains low, one high-severity blacklist listing warrants monitoring. The subnet exhibits minimal abuse density (0), and the IP maintains standard cloud infrastructure characteristics with no evidence of malicious activity patterns.

---

OWNERSHIP & INFRASTRUCTURE

Organization: DigitalOcean, LLC (ASN 14061)
Infrastructure Type: CloudCompute / Cloud Hosting
Geolocation: United States, New Jersey (Clifton)
CIDR Block: 142.93.64.0/20
Route Stability: Unstable (route changes observed in past 30 days)
DNSSEC: Valid

---

THREAT INDICATORS

Overall Risk Score: 25 (Low)
Blacklist Status: Listed on 8 DNSBLs with 1 high-severity listing
Is Known Attacker: No
Is Tor Exit: No
Is Spam Source: No
Operator Score: 0.1304 (Minimal)
Abuse Confidence: Not elevated

---

NETWORK SERVICES & SIGNATURES

Open Ports: 443/TCP (HTTPS)
Web Server: nginx
TLS Certificate: Let's Encrypt (R12), subject CN=test.polpo.uy
HTTP Status: 303 (Redirect)
Security Headers: HSTS enabled (max-age=31536000; includeSubdomains; preload), Content-Type Options: nosniff, X-Frame-Options: SAMEORIGIN
HTTP/2: Enabled

---

OBSERVATION HISTORY (19 TOTAL)

Recent observations captured on 2026-06-20 show consistent cloud infrastructure signatures with nginx web server fingerprinting. Geolocation signals indicate US presence with multi-signal inference methodology. The IP has demonstrated persistent cloud hosting characteristics across all observation windows.

---

RELATIONSHIP ANALYSIS

The IP maintains 27 relationships, all classified as "Same Network" type pointing to DIGITALOCEAN-142-93-0-0 network prefix. No hostname, organization, or certificate relationships detected beyond network-level associations.

---

SUBNET ANALYSIS (142.93.70.231/24)

Abuse Density: 0 (Low)
Classification: Mostly Clean
Inherited Risk: 2
Total Siblings: 1
Active Siblings: 1
Threat Siblings: 1

---

SOC ACTION ITEMS

1. Monitor Blacklist Listing: Review the single high-severity blacklist listing to determine source and context

2. Certificate Analysis: Investigate test.polpo.uy domain ownership and potential phishing/brand impersonation risk

3. Traffic Pattern Review: Verify legitimate business purpose for HTTPS redirect behavior (303 status)

4. Continued Monitoring: Track route stability changes and any new threat indicators

---

*Data Source: IPDebrief Intelligence Platform*

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	NJ
City	Clifton
Timezone	—
Latitude	40.84
Longitude	-74.14

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
443	https	tcp	—
Closed Ports	22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned)

Server	nginx
HTTP Title	—

🔐 TLS Certificate

An expired certificate for CN=test.polpo.uy was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.

🔒

CN=test.polpo.uy

Issued by CN=R12, O=Let's Encrypt, C=US

Self-signed: No

SANs	test.polpo.uytest13.polpo.uy
Valid From	2026-03-04T20:05:14+00:00
Valid Until	2026-06-02T20:05:13+00:00 (expired)
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	89 days
Serial Number	05B3966EAAA121ACA252CE9C1729AF685B16
Thumbprint	BB4C0B6C1E94517B7C3DB382E3147327DDC7C573

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	8%	1	1
services	26%	2	3
ownership	24%	2	3
reputation	26%	1	3
geolocation	33%	2	3
Overall	24%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-20 22:12:05 UTC
Last Seen	2026-06-28 12:33:38 UTC
Profile Built	2026-06-29 06:37:54 UTC
Data Freshness	Live
Signal Types	20
Total Observations	24

🔍 20 signal types · 24 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

142.93.70.231📋 Copy