IP Intelligence Briefing: 159.65.54.130
*Generated via IPDebrief tools (profile, history, relationships, neighbors)*
---
**1. Risk Profile**
- Risk Score: Moderate (50/100)
- Provider: DigitalOcean, LLC (ASN 14061)
- Geolocation:
  - Country: US
  - City: London (possibly inaccurate; geolocation may be misconfigured)
- Network Role: CloudCompute (DigitalOcean droplet)
- Threat Indicators: None detected (no malware, spam, or known attacker associations)
---
**2. Observation History**
- Recent Activity:
  - 2026-06-16: HTTPS connection failed (confidence 30%)
  - 2026-06-12: Similar HTTPS connection failures noted
- Stability: Unstable (route changes detected; BGP instability flagged)
- Trend: No persistent malicious activity observed.
---
**3. Relationships**
- Network Affiliation:
  - Subnet: `159.65.0.0/16` (DigitalOcean)
  - No direct relationships to other IPs, hostnames, or organizations.
- DNS: No PTR records or domain associations.
---
**4. Neighborhood Analysis**
- Subnet: `159.65.54.130/24`
- Abuse Density: 0% (clean subnet)
- Neighbors: No active IPs in the subnet (0 siblings detected).
---
**5. Security Recommendations**
- Monitor: Investigate HTTPS connection failures (potential misconfigurations or transient issues).
- Verify Geolocation: Confirm the IP's physical location, as geolocation data shows "London" despite being linked to a US-based provider.
- Secure Services: Ensure SSH (port 22) and HTTP/HTTPS (ports 80/443) are properly configured with firewall rules.
- Check TLS: Verify SSL/TLS certificate validity for HTTPS services.
---
Conclusion:
This IP is associated with a DigitalOcean cloud server, showing no direct malicious activity. However, unstable network routes and unexplained geolocation data warrant further investigation. SOC teams should monitor connection anomalies and ensure server security practices are robust.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DIGITALOCEAN-159-65-0-0 |
| CIDR Block | 159.65.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | nginx/1.29.8 |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 33% | 2 | 4 |
| Overall | 25% | 10 | 18 |

| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-30 10:58:12 UTC |
| Last Seen | 2026-06-29 07:31:36 UTC |
| Profile Built | 2026-06-29 07:34:34 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 22 |