164.92.205.31
# IP Intelligence Briefing: 164.92.205.31/32
Classification: Low Risk / Cloud Infrastructure
Report Date: 2026-06-21
Analyst: IPDebrief Intelligence Unit
## Executive Summary
IP address 164.92.205.31 presents a low-risk profile with a risk score of 25. The address belongs to DigitalOcean, LLC (ASN 14061) within the DO-13 network block (164.92.64.0/18). Geolocation data places the IP in Frankfurt am Main, Hesse, Germany. The IP shows cloud computing infrastructure characteristics with no active services detected on open ports.
## Ownership and Infrastructure
| Attribute | Value |
|---|---|
| **Organization** | DigitalOcean, LLC |
| **ASN** | 14061 |
| **Network** | DO-13 (164.92.64.0/18) |
| **RIR** | ARIN |
| **Infrastructure Type** | CloudCompute |
| **Classification** | Cloud Hosting |
## Network Classification and Services
The IP addresses cloud computing infrastructure. No open ports were detected during service scanning. DNS resolution returned no PTR hostnames, and forward resolution was unsuccessful. Email authentication records (SPF, DMARC) were absent.
| Signal | Status |
|---|---|
| **isCloud** | True |
| **isHosting** | True |
| **isCDN** | False |
| **isTor/VPN/Proxy** | False |
| **Open Ports** | None detected |
## Threat Intelligence Indicators
Threat Assessment: Minimal threat activity observed.
| Indicator | Status |
|---|---|
| **Abuse Confidence Score** | Not applicable |
| **Known Attacker** | False |
| **Spam Source** | False |
| **Tor Exit Node** | False |
| **Blacklist Count** | 0 |
| **Known Campaigns** | None |
| **Threat Feeds** | Empty |
Control Plane: DNSSEC validation passed. The IP appears on 1 of 8 DNSBL lists (DNSBL Listed Count: 1).
## Observation History
Signal observation history contains 17 recorded observations spanning from 2026-06-16 to 2026-06-21. Recent observations confirm:
- Cloud infrastructure identification (confidence: 0.90)
- Subnet abuse density classification as "mostly_clean" (confidence: 0.40)
- Ownership stability maintained with zero ownership changes
- No persistent malicious behavior detected
## Neighborhood Analysis
The /24 subnet (164.92.205.0/24) was analyzed for neighboring IP addresses.
| Metric | Value |
|---|---|
| **Subnet** | 164.92.205.0/24 |
| **Abuse Density** | 1 |
| **Classification** | Mostly Clean |
| **Total Siblings** | 1 |
| **Active Threat Siblings** | 1 |
| **Risk Distribution** | High: 0, Medium: 0, Low: 0 |
## Geolocation Validation
| Attribute | Value |
|---|---|
| **Country** | Germany (DE) |
| **Region** | Hesse |
| **City** | Frankfurt am Main |
| **Timezone** | Europe/Berlin |
| **Probe Count** | 5 |
| **Average RTT** | 113.4 ms |
## Recommended Actions
No specific security actions or firewall rules were generated based on the current risk profile. The IP presents minimal threat characteristics consistent with legitimate cloud infrastructure operations.
Summary: IP 164.92.205.31 is classified as low-risk cloud infrastructure belonging to DigitalOcean, LLC. No active threat indicators, blacklist entries, or malicious behavior were observed. The IP shows stable ownership and normal cloud hosting patterns. Routine monitoring is recommended, but no immediate blocking or mitigation actions are warranted based on current intelligence.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DO-13 |
| CIDR Block | 164.92.64.0/18 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | Caddy |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 30% | 2 | 4 |
| Overall | 22% | 9 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-28 18:34:14 UTC |
| Last Seen | 2026-06-29 05:41:37 UTC |
| Profile Built | 2026-06-29 05:52:58 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |
Full dossier details are available via our API.