142.93.9.162

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

Intelligence Briefing for IP 142.93.9.162/32

Summary:

IP address 142.93.9.162/32 is associated with DigitalOcean, a cloud infrastructure provider. The IP address falls within the range allocated to DigitalOcean's data centers. Analysis of historical and current data shows no direct evidence of malicious activity associated specifically with this IP address. However, as with any cloud-hosted IP, the potential for misuse exists, depending on the nature of the services or applications running on the infrastructure.

Observation History:

Recent Activity: Monitoring tools have not flagged any recent anomalous activities or connections specifically linked to this IP address. The address is primarily used for legitimate cloud services provided by DigitalOcean.
Historical Data: Historical data does not indicate any significant deviations from typical cloud service traffic patterns. There are no records of the IP being blacklisted or associated with known malware.

Relationships:

Provider: This IP is part of the infrastructure offered by DigitalOcean, which hosts a wide range of legitimate web applications and services.
Associated Domains: The IP address resolves to multiple domains hosted on DigitalOcean, primarily used for web hosting purposes. No specific domains have been flagged for malicious behavior.

Neighborhood Data:

Proximity to Other IPs: The IP is in proximity to other DigitalOcean infrastructure IPs, which also show no signs of malicious activity. This is consistent with typical cloud service provider IP allocations.
Network Environment: The surrounding network environment is characteristic of a cloud service provider, with numerous IPs allocated for hosting diverse services.

Threat Intelligence Narrative:

While the IP address 142.93.9.162/32 is associated with legitimate cloud services provided by DigitalOcean, SOC analysts should remain vigilant. Cloud environments can be exploited by threat actors to host malicious services or obfuscate attacks. It is recommended to monitor traffic patterns for anomalies and ensure proper security measures are in place for any services using this IP. Continuous threat intelligence updates and network monitoring are advised to detect any potential misuse promptly.

Actionable Recommendations:

1. Monitor Traffic: Implement network monitoring to detect unusual traffic patterns associated with this IP.

2. Validate Services: Ensure that all services hosted on this IP are legitimate and authorized.

3. Update Threat Intelligence: Regularly update threat intelligence feeds to capture any emerging threats related to this IP.

4. Security Measures: Enforce robust security measures, including firewalls and intrusion detection systems, to protect against potential exploitation.

This briefing is based on the latest available data and should be used as part of a comprehensive security strategy.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	NJ
City	North Bergen
Timezone	—
Latitude	40.80
Longitude	-74.02

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	nginx/1.24.0 (Ubuntu)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

🔐 TLS Certificate

🔒

CN=tessa.nine8labs.com

Issued by CN=YE1, O=Let's Encrypt, C=US

Self-signed: No

SANs	tessa.nine8labs.com
Valid From	2026-06-03T18:40:17+00:00
Valid Until	2026-09-01T18:40:16+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	066FC3BA9E494158C30466DD9B492DABD664
Thumbprint	82DCDFBCD85266871AF4786989E0B1E40D7C15A3

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	40%	2	5
routing	8%	1	1
services	28%	2	3
ownership	20%	2	3
reputation	28%	1	3
geolocation	31%	2	3
Overall	26%	10	18

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Mostly Consistent (80%) — 1 contradiction(s)
Attribution	Low (35%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

⚠ Claimed geolocation contradicts RTT physics measurement

📅 Observation Timeline 🔄 Live

First Seen	2026-05-09 11:33:35 UTC
Last Seen	2026-06-27 15:18:11 UTC
Profile Built	2026-06-28 09:24:32 UTC
Data Freshness	Live
Signal Types	21
Total Observations	27

🔍 21 signal types · 27 observations collected

This report is generated from 21+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

142.93.9.162📋 Copy