IP Intelligence Briefing: 143.198.114.177
Date: 2026-06-12
---
**1. IP Profile**
- Provider: DigitalOcean, LLC (ASN 14061)
- Geolocation: Registered to New Jersey, US, but geo validation flags "plausible" as false (RTT inconsistency detected).
- Risk Score: 50 (Moderate Risk)
- Network Role: CloudCompute infrastructure (hosting provider).
- Services:
  - SSH service (port 22) with banner: `SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15`.
  - No TLS or HTTP services detected.
- Threat Indicators: None detected (no abuse, spam, or malicious campaigns).
---
**2. Observation History**
- Signal Consistency: Low confidence in recent observations (e.g., DNSSEC, routing, and reputation signals).
- Key Findings:
  - No persistent malicious activity or threat campaigns.
  - Geo validation shows a "violation" due to unusually low RTT (29 ms) for its distance (5,963 km), suggesting potential spoofing or misconfigured routing.
---
**3. Relationships**
- Network Associations:
  - Linked to DigitalOcean's `DIGITALOCEAN-143-198-0-0` network.
- DNS:
  - Resolves to `prod-bromine-nyc1-22.do.binaryedge.ninja` (subdomain of `binaryedge.ninja`).
- No malicious or suspicious relationships detected.
---
**4. Subnet Neighborhood**
- Subnet: `143.198.114.177/24`
- Neighbor Risk:
  - 1 active sibling IP (`143.198.114.199`) with a low risk score (25).
- Abuse Density: 0% (clean subnet).
---
**5. Recommended Actions**
- Monitoring: Investigate geo validation anomalies (RTT inconsistency) to rule out spoofing.
- Firewall: Consider blocking the IP if it exhibits unexpected behavior (e.g., new services, outbound traffic).
  - Example rule:
    ```bash
    iptables -A INPUT -s 143.198.114.177 -j DROP
    ```
- Context: Legitimate cloud server with no immediate threats, but geo validation issues warrant further scrutiny.
---
Conclusion: This IP is associated with DigitalOcean and appears benign. However, geo validation discrepancies suggest potential misconfiguration or spoofing. Monitor for behavioral changes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DIGITALOCEAN-143-198-0-0 |
| CIDR Block | 143.198.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | prod-bromine-nyc1-22.do.binaryedge.ninja |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | prod-bromine-nyc1-22.do.binaryedge.ninja |
DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 27% | 2 | 3 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Moderate (55%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-30 23:03:32 UTC |
| Last Seen | 2026-06-21 05:52:11 UTC |
| Profile Built | 2026-06-21 06:00:02 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 22 |