IP Intelligence Briefing: 157.245.147.119
Date: 2026-06-15
**1. Risk Profile**
- Risk Score: 30 (Low Risk)
- Provider: DigitalOcean (ASN 14061)
- Geolocation: Singapore (SG), Latitude 1.35, Longitude 103.82
- Network Role: Cloud Compute (DigitalOcean infrastructure)
- Threat Indicators: No malicious activity detected (no abuse, spam, or known attacker flags).
**2. Observations**
- Recent Activity:
  - Observed once with HTTP 401 status code (potential misconfiguration or test).
  - TLS certificate valid (Let's Encrypt, CN=admin.aihealth.art).
  - Server banner: `nginx/1.18.0 (Ubuntu)`.
- Historical Trends:
  - Single observation with low confidence (0.20).
  - No persistent malicious activity or threat persistence.
**3. Network Relationships**
- Subnet: 157.245.144.0/20 (DigitalOcean CIDR).
- Neighbors: No neighboring IPs identified (subnet may be under-provisioned or isolated).
- Connections: Linked to DigitalOcean's network infrastructure (no external malicious peers).
**4. Security Recommendations**
- Monitor: Track changes in geolocation or service configurations (e.g., HTTP 401 status).
- Validate: Confirm SSL certificate validity and check for misconfigured services (e.g., exposed SSH ports).
- Firewall: No immediate action required; no high-risk indicators.
**5. Conclusion**
This IP is associated with a legitimate cloud provider and shows no signs of malicious activity. While geolocation data is inconclusive, the low risk score and absence of threat indicators suggest it is not a current target for attackers. SOC teams should focus on ensuring proper configuration of services and monitoring for unexpected changes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| 8080 | http-alt | tcp | - |
| Closed Ports | 25, 3389, 8443 (4 open / 7 scanned) | | |
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
TLS Certificate
| SANs | admin.aihealth.art |
| Valid From | 2026-05-02T09:02:35+00:00 |
| Valid Until | 2026-07-31T09:02:34+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 05F66B0C377D2C00FBFBCC2F9200CEB1BC96 |
| Thumbprint | 000937956A76DBE1C8DF75D011AB1C5CBC896766 |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 26% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 25% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-22 15:18:25 UTC |
| Last Seen | 2026-06-28 19:38:27 UTC |
| Profile Built | 2026-06-29 07:42:48 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |