## IP Intelligence Briefing: 161.118.199.48
Executive Summary
IP 161.118.199.48 is a low-risk Oracle Cloud infrastructure address with minimal threat indicators. The IP operates within a clean subnet environment with no known malicious activity detected.
Infrastructure Profile
- IP Address: 161.118.199.48/32
- Organization: ORACLE CORPORATION - network administrator
- ASN: 31898
- Country: Singapore (SG)
- Infrastructure Type: CloudCompute (Oracle Cloud)
- Network Role: Firewalled / No Services
Risk Assessment
- Overall Risk Score: 25 (Low Risk)
- Operator Score: 0.1304 (Minimal)
- Abuse Confidence: Not elevated
- Blacklist Status: 0 known blacklists; 1 DNSBL listing among 8 total lists
Service & Network Analysis
- Open Ports: None detected
- DNS Resolution: No PTR hostnames; no forward resolution
- Services: No active services detected
- Network Classification: Cloud-hosted infrastructure with firewalled access
Threat Indicators
- Known Attacker: No
- Spam Source: No
- Tor Exit: No
- Campaign Associations: None
- Threat Observations: 1 historical observation (non-persistent)
Temporal Analysis
- Observation Count: 16 signals recorded
- Threat Persistence: 0 days
- Ownership Changes: 0
- Recent Activity: Stable with no escalation trends
Neighborhood Context
- Subnet: 161.118.199.48/24
- Abuse Density: 0 (clean subnet)
- Classification: Mostly clean
- Neighbor Risk: No high-risk adjacent addresses
Relationship Graph
- Network Affiliation: 16 relationships identified with ORACLEV6-AP network segment
- Cross-Referenced Entities: Primarily network-level associations
Recommended Actions
No immediate blocking or mitigation actions recommended. The IP exhibits standard Oracle Cloud infrastructure behavior with no indicators of compromise.
Notes for SOC Analysts
This address represents legitimate Oracle Cloud infrastructure with typical cloud hosting characteristics. The single DNSBL listing is likely a false positive or routine listing for cloud provider infrastructure. Monitor for any changes in service patterns or emergence of threat indicators, though current assessment indicates low priority for defensive actions.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | ORACLE CORPORATION - network administrator |
| ASN | AS31898 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-15 02:49:58 UTC |
| Last Seen | 2026-06-28 01:49:45 UTC |
| Profile Built | 2026-06-28 19:54:22 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 22 |
Full dossier details are available via our API.