# IP Intelligence Briefing: 157.245.192.47/32
Classification: Low Risk | Analysis Date: 2026-06-26
## Executive Summary
IP 157.245.192.47 is a cloud-hosted web server infrastructure endpoint associated with DigitalOcean, LLC operating in Singapore. The IP presents low-risk characteristics with no active threat indicators, though it shows minor DNSBL presence. No immediate blocking is recommended, but standard cloud security monitoring applies.
## Technical Profile
Ownership & Infrastructure:
- Organization: DigitalOcean, LLC (ASN 14061)
- Infrastructure Type: CloudCompute / Hosting
- BGP Prefix: 157.245.192.0/20
- Control Plane: Stable routing observed
Geolocation:
- Location: Singapore (SG)
- Coordinates: 1.35°N, 103.82°E
- Accuracy Radius: 30km
- GeoValidation: Plausible (ICMP validation attempted but blocked)
Network Services:
- Open Ports: TCP/80 (HTTP), TCP/443 (HTTPS), TCP/22 (SSH)
- HTTP Server: nginx/2.0
- TLS Certificate: Sectigo (CN=*.cloudwaysapps.com)
- PTR Hostname: 1633562.cloudwaysapps.com
Risk Assessment:
- Overall Risk Score: 25 (Low Risk)
- Reputation: Low Risk
- Threat Indicators: None detected
- Blacklist Count: 0
- DNSBL Listed: 1 of 8 lists
- Abuse Confidence Score: Not applicable
## Behavioral History (26 Observations)
Recent Activity:
- Multiple HTTP/HTTPS connection attempts observed
- Last observation: 2026-06-26T20:47:28 UTC
- Status Code: 403 (Forbidden) on recent HTTP probes
- TLS/TLS-termination: Active HTTPS services
- Cloud infrastructure detection confirmed
Temporal Indicators:
- Ownership Changes: 0
- Threat Persistence Days: 0
- Threat Observation Count: 1
- Persistently Malicious: No
## Relationship Analysis
Network Associations:
- Same Network: Multiple references to DIGITALOCEAN-157-245-0-0
- No cross-organization relationships detected
- No known campaign correlations
Neighborhood Analysis (157.245.192.0/24):
- Abuse Density: Low (0.1304 operator score)
- Subnet Classification: Mostly Clean
- Threat Siblings: 1
- Inherited Risk: 2/10
## Threat Indicators
Malicious Indicators:
- Not a Tor exit node
- Not a known attacker
- Not a spam source
- No known malware campaigns
- No associated threat feeds
Security Controls:
- SPF/DMARC: Not configured on associated domain
- CAA Records: Not configured
- DNSSEC: Valid
## Recommended Actions
Immediate Actions: None required
Monitoring Recommendations:
1. Monitor for status code changes (currently returns 403 on probes)
2. Watch for any DNSBL additions
3. Standard cloud security monitoring for SSH access attempts
Firewall Rules: No blocking recommended. Allow standard web/SSH traffic with existing organizational policies.
## Conclusion
IP 157.245.192.47 represents benign cloud hosting infrastructure with a minimal risk profile. The absence of threat indicators, combined with established cloud provider infrastructure and low abuse density in the subnet, supports continued monitoring without restrictive filtering.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Field | Value |
|---|---|
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Field | Value |
|---|---|
| PTR | 1633562.cloudwaysapps.com |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 1633562.cloudwaysapps.com |
## DNS Hygiene
| Field | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Field | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Field | Value |
|---|---|
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | nginx |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u9 |
## TLS Certificate
| Field | Value |
|---|---|
| SANs | *.cloudwaysapps.com, cloudwaysapps.com |
| Valid From | 2026-03-24T00:00:00+00:00 |
| Valid Until | 2026-09-08T23:59:59+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 168 days |
| Serial Number | 009B708F987840C872F8BA3107B1BE80B7 |
| Thumbprint | 6C279C136F317BAEDEEEEA2E6CD5AABC7627E2E2 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 29% | 2 | 4 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 24% | 10 | 18 |

| Field | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Ownership · FCrDNS · Geo Consensus · Geo Plausible · IRR Match · RPKI Valid
## Observation Timeline (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-07 23:03:48 UTC |
| Last Seen | 2026-06-27 00:40:30 UTC |
| Profile Built | 2026-06-27 14:54:18 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 30 |