143.110.190.22
# IP INTELLIGENCE BRIEFING: 143.110.190.22
## Executive Summary
IP address 143.110.190.22 presents as a low-risk cloud infrastructure endpoint operating within DigitalOcean's Bengaluru, India region. The IP exhibited a risk score of 25, with no active threat indicators, known campaigns, or malicious reputation. Infrastructure classification indicates legitimate cloud computing usage with standard web services.
## Technical Profile
Ownership and Classification:
- ASN: 14061 (DigitalOcean, LLC)
- Registry: ARIN
- Infrastructure Type: Cloud Compute / Web Server
- Network Classification: Cloud Hosting
Geolocation:
- Country: India (IN)
- Region: Karnataka (KA)
- City: Bengaluru
- Accuracy Radius: 2250 km
Network Services:
- Port 80/TCP: HTTP (nginx/1.18.0)
- Port 443/TCP: HTTPS
- Port 22/TCP: SSH (OpenSSH_8.9p1 Ubuntu-3ubuntu0.15)
- TLS Certificate: Let's Encrypt (CN=admin.is.dataxchange.in)
- HTTP Status: 502 (Bad Gateway)
DNS Configuration:
- Forward Resolution: 0 hostnames
- Email Authentication: SPF and DMARC not configured
- DNSSEC: Valid
- DNSBL Listed: 1 of 8 lists
## Threat Intelligence
Risk Assessment:
- Overall Risk Score: 25 (Low Risk)
- Abuse Confidence Score: Not applicable
- Blacklist Count: 0
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
Campaign Indicators:
- Campaign Likelihood: None
- Certificate Matches: 0
- Banner Matches: 0
- Correlated IPs: 0
Control Plane Data:
- Route Origin ASN: 14061
- BGP Prefix: 143.110.176.0/20
- AS Path: 57866 6453 4755 14061
- Route Stability: Stable
- RPKI State: Not evaluated
- Operator Score: 0.2609 (Basic)
## Network Context
Subnet Analysis (143.110.190.22/24):
- Subnet Classification: Mostly Clean
- Abuse Density: 1 (low)
- Inherited Risk: 2
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- High Risk Neighbors: 0
- Medium Risk Neighbors: 0
The /24 subnet exhibits minimal abuse activity with a single threat sibling IP present. No high or medium-risk neighbors were identified.
Relationship Graph:
- 20 relationships identified
- Primary relationship type: Same Network (DigitalOcean-143-110-128-0)
- No external organization or hostname correlations detected
## Historical Analysis
Observation Timeline:
- Total Observations: 25
- Data Span: Multiple observation windows
- Threat Persistence Days: 0
- Ownership Changes: 0
Key Historical Signals:
- 2026-06-20: ASN 14061 assignment confirmed (allocated 2012-09-25)
- 2026-06-20: BGP routing data observed with origin ASN 14061
- 2026-06-20: Geographic validation attempted (ICMP blocked, unable to validate)
- 2026-06-28: Cloud infrastructure classification confirmed
Temporal Trends:
- No persistent malicious behavior observed
- No ownership transitions detected
- Risk profile remains stable over observation period
## Security Recommendations
Immediate Actions:
- No specific firewall rules or blocking actions recommended
- Risk score (25) falls below typical threshold for automated blocking
- Standard cloud service monitoring applies
Monitoring Considerations:
- Monitor for changes in risk score above threshold
- Watch for certificate expiration (Let's Encrypt issued)
- Track subnet 143.110.190.0/24 for emerging threat indicators
- Review DNSBL listing status periodically
Infrastructure Notes:
- SSL/TLS certificate issued by Let's Encrypt for admin.is.dataxchange.in
- Server fingerprint: nginx/1.18.0 on Ubuntu
- SSH service accessible on port 22
- HTTP 502 responses may indicate application-level issues rather than security concerns
Conclusion:
The IP address 143.110.190.22 represents standard cloud infrastructure with minimal threat indicators. No immediate blocking or defensive actions are warranted based on current intelligence. Continue standard monitoring practices for cloud-hosted endpoints.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | โ |
| CIDR Block | 143.110.176.0/20 |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
๐ TLS Certificate
| SANs | admin.is.dataxchange.in |
| Valid From | 2026-05-19T10:18:58+00:00 |
| Valid Until | 2026-08-17T10:18:57+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 052594B58C3B11D4F0C89A1CB83E815C050B |
| Thumbprint | 1207B15F545853468FF579C9FEE065502B2E460D |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 24% | 2 | 3 |
| ownership | 37% | 3 | 6 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 28% | 12 | 22 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-19 23:48:57 UTC |
| Last Seen | 2026-06-28 10:27:22 UTC |
| Profile Built | 2026-06-29 04:32:52 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 29 |
Full dossier details are available via our API.