# IPDEBRIEF INTELLIGENCE BRIEFING
Target IP: 146.190.252.200
Analysis Date: Current
Risk Classification: Low Risk (Score: 25/100)
---
## EXECUTIVE SUMMARY
This IP address resolves to a DigitalOcean cloud infrastructure instance in Toronto, Ontario, Canada. The address is registered under CloudwaysApps domain infrastructure and presents a low-risk profile with no active threat indicators. The IP operates as a web server on cloud hosting infrastructure with standard HTTP/HTTPS services exposed.
---
## NETWORK OWNERSHIP & GEOLOCATION
Provider: DigitalOcean, LLC (ASN 14061)
Location: Toronto, Ontario, Canada (CA)
Geolocation Accuracy: 4,500 km radius (consensus: plausible)
Infrastructure Type: Cloud Compute
CIDR Block: 146.190.240.0/20 (controlled by DigitalOcean)
RPKI State: Valid
Operator Score: 0.1304 (Minimal)
---
## DNS RESOLUTION & HOSTNAMES
Primary Hostname: 1628058.cloudwaysapps.com
Domain Authority: cloudwaysapps.com
Forward Resolution Confirmed: Yes
Email Authentication: SPF/DMARC not configured (typical for cloud instances)
Forward Resolution Count: 1
---
## EXPOSED SERVICES
| Port | Protocol | Service |
|---|---|---|
| 80 | TCP | HTTP |
| 443 | TCP | HTTPS |
| 22 | TCP | SSH |
Web Server: nginx
TLS Certificate: Sectigo Public Server Authentication CA (CN=*.cloudwaysapps.com)
Certificate Issuer: Sectigo Limited, GB
Certificate Status: Valid (not self-signed)
---
## THREAT INDICATORS
Overall Threat Status: Clean
Blacklist Count: 0
Known Campaigns: None detected
Tor Exit Node: False
Known Attacker: False
Spam Source: False
DNSBL Listings: 1 of 8 (minimal impact)
Control Plane Data:
- Route Stability: False
- MOAS Status: False
- Route Changes (30d): 0
- IRR Consistency: Unknown
---
## OBSERVATION HISTORY (22 TOTAL SIGNALS)
Temporal Analysis:
- Observations span from June 2026
- Cloud infrastructure classification consistent across all signals
- HTTP responses show 403 status codes (access control measures)
- No persistent malicious activity detected
Key Historical Signals:
- Cloud infrastructure consistently classified across all probes
- Geographic validation blocked (ICMP violation)
- Neighborhood abuse density: 0.5 (moderate)
- Classification: mostly_clean
---
## NETWORK NEIGHBORHOOD ANALYSIS
Subnet: 146.190.252.200/24
Total Siblings: 2
Active Siblings: 1
Threat Siblings: 1
Abuse Density: 0.5 (moderate)
Inherited Risk: 2/100
Neighbor IP Profile:
- 146.190.252.159 (Risk Score: 25, Authority Score: 50)
---
## RELATIONSHIP GRAPH
Total Relationships: 45
Primary Relationship Types:
- Same Network: DO-13 (40+ instances)
- Additional relationships include network associations and infrastructure links
---
## RECOMMENDATIONS
Firewall/Security Actions:
- No blocking required at this time
- Low-risk profile supports continued monitoring
- Consider monitoring for any change in threat indicators
SOC Analyst Notes:
- IP represents legitimate cloud infrastructure usage
- No evidence of malicious activity or compromise
- Neighbor IP (146.190.252.159) shares similar risk profile
- Continued monitoring recommended if this IP appears in threat intelligence feeds
Risk Assessment: LOW RISK - No immediate threat action required. IP is part of standard cloud hosting infrastructure with no active indicators of compromise.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| PTR | 1628058.cloudwaysapps.com |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 1628058.cloudwaysapps.com |
## DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | nginx |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u9 |
## TLS Certificate
| SANs | *.cloudwaysapps.com, cloudwaysapps.com |
| Valid From | 2026-03-24T00:00:00+00:00 |
| Valid Until | 2026-09-08T23:59:59+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 168 days |
| Serial Number | 009B708F987840C872F8BA3107B1BE80B7 |
| Thumbprint | 6C279C136F317BAEDEEEEA2E6CD5AABC7627E2E2 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 28% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 31% | 2 | 3 |
| Overall | 24% | 10 | 17 |

| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| First Seen | 2026-05-10 04:11:30 UTC |
| Last Seen | 2026-06-27 16:52:38 UTC |
| Profile Built | 2026-06-28 10:59:14 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 28 |