# INTELLIGENCE BRIEFING: 143.198.197.241/32
Classification: Cloud Infrastructure - Low Risk
Date: 2026-06-14
Analyst: IPDebrief Intelligence Team
---
## EXECUTIVE SUMMARY
IP address 143.198.197.241 is a cloud-hosted web server operating on DigitalOcean infrastructure in Singapore. The IP maintains a low-risk profile (Risk Score: 25) with no known malicious activity. The address is associated with the domain vktech.ai and exhibits standard web server characteristics.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **ASN** | 14061 (DigitalOcean, LLC) |
| **Location** | Singapore, SG |
| **Infrastructure Type** | CloudCompute |
| **Risk Score** | 25 (Low) |
| **Reputation** | Low Risk |
| **DNSBL Listings** | 1 of 8 (Minimal impact) |
---
## NETWORK SERVICES & ENDPOINTS
Open Ports:

- TCP/80 (HTTP)
- TCP/443 (HTTPS)
- TCP/22 (SSH, OpenSSH 9.6p1 Ubuntu)

TLS Certificate:

- Issuer: Let's Encrypt
- Subject: backstop.vktech.ai
- Valid: Not expired (current status)

HTTP Fingerprint:

- Server: nginx/1.24.0 (Ubuntu)
- Response Code: 307 (Temporary Redirect)
- HTTP/2: Not enabled
---
## DOMAIN & EMAIL SECURITY
Associated Domain: vktech.ai

Email Authentication:

- SPF: Configured (`v=spf1 mx include:sendgrid.net ~all`)
- DMARC: Configured (`p=quarantine`)
- TXT Records: 3 records present

Email Security Assessment: Properly configured with industry-standard authentication mechanisms.
---
## OBSERVATION HISTORY
Total Observations: 23 signals recorded

Recent Activity (2026-06-14):

- Subnet classification: "mostly_clean" with abuse density 1
- 2 active sibling IPs in /24, both showing low risk
- No persistent malicious behavior detected
- Threat observation count: 1

Temporal Analysis:

- Ownership changes: 0
- Threat persistence days: 0
- Is persistently malicious: False
---
## NETWORK NEIGHBORHOOD
Subnet: 143.198.197.241/24

Abuse Density: 0-1 (Low)

Classification: mostly_clean

Neighbor Analysis:

- Total neighbors: 1
- Neighbor IP: 143.198.197.213 (Risk Score: 25, Authority Score: 50)
- Risk Distribution: 1 Low, 0 Medium, 0 High

Conclusion: Clean neighborhood with no elevated threat indicators.
---
## RELATIONSHIP GRAPH
Total Relationships: 41

Primary Associations:

- Same Network: DIGITALOCEAN-143-198-0-0 (36+ entries)
- No known malicious correlations or campaign associations detected
---
## THREAT INDICATORS
Current Status: CLEAN

| Indicator | Status |
|---|---|
| Is Tor Exit Node | False |
| Is Known Attacker | False |
| Is Spam Source | False |
| Blacklist Count | 0 |
| Known Campaigns | None |
---
## CONTROL PLANE DATA
| Parameter | Value |
|---|---|
| Origin ASN | 14061 |
| BGP Prefix | 143.198.192.0/20 |
| Route Stability | False |
| DNSSEC Valid | True |
| RPKI State | Not reported |
| Route Changes (30d) | 0 |
---
## RECOMMENDED ACTIONS
Firewall Rules:

- Allow: TCP 80, 443 (standard web traffic)
- Allow: TCP 22 (SSH; review against internal policy)
- Rate Limit: Consider rate limiting if SSH access is not required

Monitoring Recommendations:

- Monitor for TLS certificate expiration (Let's Encrypt)
- Track outbound connections to sendgrid.net (email provider)
- No immediate blocking required

Threat Intel Correlation:

- No active threat indicators
- No campaign correlations
- Clean historical footprint
---
## SOC DECISION
Status: MONITOR
Action: No blocking recommended. Standard web traffic monitoring applies. SSH access should be validated against internal access policies.
---
*Report generated: 2026-06-14*
*Data Source: IPDebrief Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Check | Result |
|---|---|
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Attribute | Value |
|---|---|
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | backstop.vktech.ai |
| Valid From | 2026-05-30T20:27:28+00:00 |
| Valid Until | 2026-08-28T20:27:27+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 0615CADAE712D85AD40799698F35A3BB9F38 |
| Thumbprint | A90D92E900649B7A44193BB77B0268970219B262 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 29% | 2 | 4 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 24% | 10 | 17 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-14 19:28:03 UTC |
| Last Seen | 2026-06-28 01:13:09 UTC |
| Profile Built | 2026-06-28 19:18:39 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |