## IP INTELLIGENCE BRIEFING: 145.241.117.214/32
Date: 2026-06-16
Status: Low Risk | Risk Score: 25/100
---
EXECUTIVE SUMMARY
IP 145.241.117.214 is a low-risk infrastructure endpoint hosted on Oracle Cloud Infrastructure. The address exhibits minimal threat indicators, consistent web server behavior, and no evidence of malicious activity. No immediate blocking is recommended, though monitoring should continue due to one DNSBL listing.
---
OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| **ASN** | 31898 (ORCL-MNT) |
| **Organization** | Oracle Cloud |
| **CIDR Block** | 145.241.112.0/20 |
| **RIR** | RIPE |
| **Network Classification** | Cloud Infrastructure |
The IP resides within Oracle's cloud provider infrastructure. Control plane analysis shows the address is assigned to BGP prefix 145.241.112.0/20. Route stability flags indicate potential routing changes in the last 30 days.
---
GEOLOCATION ANALYSIS
| Field | Value |
|---|---|
| **Country** | Sweden (SE) |
| **Region** | Dubai |
| **City** | Dubai |
| **Accuracy Radius** | 600 km |
| **Geo Sources** | 2 (Consensus: False) |
| **Plausibility** | True |
Geolocation data shows inconsistency between country code (SE) and region/city labels (Dubai). Multiple geo sources were consulted but failed to reach consensus. RTT validation was impeded by ICMP blocking.
---
THREAT INDICATORS
| Indicator | Status |
|---|---|
| **Tor Exit Node** | No |
| **Known Attacker** | No |
| **Spam Source** | No |
| **Blacklist Count** | 0 |
| **Campaign Associations** | None |
| **Threat Feeds** | Empty |
DNSBL Status: 1 listing out of 8 total lists checked. The single listing does not indicate active malicious use.
---
NETWORK SERVICES & EXPOSURE
| Port | Protocol | Service |
|---|---|---|
| 80 | TCP | HTTP |
| 443 | TCP | HTTPS |
| 22 | TCP | SSH (OpenSSH 8.9p1 Ubuntu) |
TLS Certificate:
- Subject: CN=shoaib-dev.com
- Issuer: Let's Encrypt (R13)
- SANs: shoaib-dev.com, www.shoaib-dev.com
Server Fingerprint: nginx/1.18.0 (Ubuntu) with HTTP/2 support
---
DNS & EMAIL AUTHENTICATION
- PTR Hostnames: None
- Forward Resolution: 0 records
- SPF Record: Absent
- DMARC Record: Absent
- TXT Records: 0
The domain lacks email authentication records (SPF/DMARC), which may indicate limited email services or misconfiguration.
---
RELATIONSHIP ANALYSIS
All 18 relationship entries map to network identifier SE-ORACLE-SE-19930809, confirming the IP belongs to a single network segment within Oracle's infrastructure. No external entity relationships (hostnames, certificates, organizations) were identified.
---
SUBNET NEIGHBORHOOD (145.241.117.0/24)
| Metric | Value |
|---|---|
| **Abuse Density** | 1 |
| **Classification** | Mostly Clean |
| **Total Siblings** | 1 |
| **Active Siblings** | 1 |
| **Threat Siblings** | 1 |
The /24 subnet shows minimal abuse activity with one active sibling and one threat sibling. Abuse density scoring indicates low neighborhood-level risk.
---
OBSERVATION HISTORY
Total Observations: 22 signals
Key historical signals include:
- 2026-06-16: Operator score 0.1304 (Minimal), DNSSEC evaluation completed
- 2026-06-15: HTTP fingerprinting confirmed nginx/1.18.0 with Next.js framework, HTTP/2 enabled, 1284ms TTFB
- 2026-06-15: Alienvault-OTX geolocation match AS8447 (Telekom Austria AG) in Switzerland
The IP has maintained consistent low-risk characteristics throughout the observation window with no threat persistence detected.
---
RECOMMENDED ACTIONS
Current Risk Score: 25/100 (Low Risk)
Recommended Security Actions:
1. No immediate blocking required: IP shows no malicious indicators
2. Monitor DNSBL listing: Investigate the single blacklist entry if false positives occur
3. Standard logging: Log inbound connections to ports 80, 443, 22
4. No firewall rules generated: Low-risk profile does not warrant automated blocking
Firewall Rule Status: None generated due to low-risk classification
---
ASSESSMENT
IP 145.241.117.214 represents a standard Oracle Cloud web server endpoint with no evidence of compromise or malicious use. The infrastructure aligns with legitimate cloud hosting patterns. Continued monitoring is appropriate, but no immediate defensive action is warranted based on current intelligence.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Field | Value |
|---|---|
| Organization | ORCL-MNT |
| ASN | AS31898 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| Field | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Field | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Field | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown: Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Field | Value |
|---|---|
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
TLS Certificate
| Field | Value |
|---|---|
| SANs | shoaib-dev.com, www.shoaib-dev.com |
| Valid From | 2026-05-25T23:29:30+00:00 |
| Valid Until | 2026-08-23T23:29:29+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 06567E17A4F0109A8997317CDFCFD96AB3C1 |
| Thumbprint | 2E80B201F973BEA0669B2E1FD4546484839E5999 |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-23 00:18:19 UTC |
| Last Seen | 2026-06-28 20:09:40 UTC |
| Profile Built | 2026-06-29 02:12:25 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 23 |