IPDebrief

164.92.172.241

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 164.92.172.241/32

Classification: Cloud Compute Infrastructure (DigitalOcean)

Date: 2026-06-16

Risk Assessment: MODERATE RISK (Score: 40/100)

---

## EXECUTIVE SUMMARY

IP 164.92.172.241 is a DigitalOcean cloud infrastructure endpoint located in Frankfurt am Main, Germany. The IP shows a moderate risk profile with no active threat indicators, no known malicious activity, and zero observed abuse. The IP is classified as hosting infrastructure with no open services detected. Historical observations indicate stable ownership with no malicious persistence patterns.

---

## OWNERSHIP & GEOLOCATION

AttributeValue
ASN14061
OrganizationDigitalOcean, LLC
Network Block164.92.64.0/18
CityFrankfurt am Main
CountryGermany (DE)
RegionHesse
TimezoneEurope/Berlin
Infrastructure TypeCloud Compute

---

## THREAT ASSESSMENT

Risk Profile: Moderate Risk (40/100)

Threat Indicators: NONE DETECTED

Blacklist Status: 0 blacklists

DNSBL Listings: 2 of 8 total lists

Tor Exit Node: No

Known Attacker: No

Spam Source: No

Risk Breakdown:

---

## NETWORK CLASSIFICATION

ClassificationStatus
Cloud InfrastructureYES
CDNNO
VPNNO
ProxyNO
TorNO
HostingYES
MobileNO
ResidentialNO
BogonNO
AnycastNO

Service Status: Firewalled / No Services Detected

Open Ports: None

TLS Certificate: None

HTTP Banner: None

---

## NEIGHBORHOOD ANALYSIS

Subnet: 164.92.172.241/24

Abuse Density: 0 (Clean)

Classification: Clean

Total Siblings: 1

Active Siblings: 0

Threat Siblings: 0

No neighboring IPs show abuse indicators. The subnet demonstrates clean classification with no inherited risk.

---

## OBSERVATION HISTORY

Total signals observed: 17

Recent Signals (2026-06-16):

Temporal Analysis:

---

## RELATIONSHIP GRAPH

All 5 detected relationships map to the same network block (DO-13). No external entity associations detected (hostnames, organizations, certificates).

---

## NETWORK ROUTING & CONTROL PLANE

BGP Prefix: 164.92.160.0/20

Route Stable: NO

RPKI State: Not evaluated

IRR Consistency: Not evaluated

DNSSEC Valid: YES

Route Changes (30d): 0

Trace Analysis:

---

## SECURITY ACTIONS & RECOMMENDATIONS

Recommended Action: Block traffic at perimeter layers (probability-based recommendation)

Firewall Rules Provided:

iptables:

```

iptables -A INPUT -s 164.92.172.241 -j DROP

```

nftables:

```

nft add rule inet filter input ip saddr 164.92.172.241 drop

```

nginx:

```

deny 164.92.172.241;

```

pfSense:

```

164.92.172.241/32

```

Cloudflare WAF:

```json

{"description":"Block 164.92.172.241 โ€” IPDebrief risk score 40","action":"block","filter":{"expression":"ip.src eq 164.92.172.241"}}

```

AWS WAF:

```json

{"Addresses":["164.92.172.241/32"],"Description":"IPDebrief risk 40"}

```

---

## INTELLIGENCE NARRATIVE

IP 164.92.172.241 represents a DigitalOcean cloud compute endpoint with moderate risk scoring primarily driven by operator-level metrics rather than active threat indicators. The IP shows no evidence of malicious activity, with zero blacklist entries and no known associations with attack campaigns. Geolocation data validates Frankfurt, Germany placement with plausible RTT metrics (avg 111.8ms).

The absence of open services, TLS certificates, or email authentication records suggests either a dormant endpoint, internal-only infrastructure, or intentionally firewalled service. The subnet neighborhood remains clean with no abuse density or threat siblings. Historical signals indicate stable ownership with no malicious persistence patterns observed.

Recommendation: Block at network perimeter due to moderate risk score (40/100), though the lack of active threat indicators warrants correlating with additional telemetry before enforcement. No immediate threat indicators detected.

---

Classification: UNCLASSIFIED

Distribution: SOC Team

Platform: IPDebrief Intelligence

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡ฉ๐Ÿ‡ช Germany
RegionHesse
CityFrankfurt am Main
TimezoneEurope/Berlin
Latitude50.12
Longitude8.68

๐Ÿข Ownership & Registration

OrganizationDigitalOcean, LLC
ASNAS14061
Network NameDO-13
CIDR Block164.92.64.0/18
RIRARIN
CountryUnited States
Abuse ContactAvailable via RDAP

๐ŸŒ DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)

๐Ÿ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeFirewalled / No Services
Network TierHosting โ€” Infrastructure provider without advanced routing
CloudHosting

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
24%
22
routing
17%
11
services
17%
11
ownership
35%
23
reputation
17%
12
geolocation
35%
23
Overall24%912
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Live

First Seen2026-06-10 08:39:38 UTC
Last Seen2026-06-21 17:16:17 UTC
Profile Built2026-06-21 17:22:31 UTC
Data FreshnessLive
Signal Types18
Total Observations21
๐Ÿ” 18 signal types ยท 21 observations collected
This report is generated from 18+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.