165.22.80.109
# IP Intelligence Briefing: 165.22.80.109
Classification: LOW RISK | Report Date: 2026-06-14
## Executive Summary
IP address 165.22.80.109 is a DigitalOcean cloud infrastructure endpoint located in Frankfurt am Main, Germany. The IP maintains a low-risk profile (Risk Score: 25) with no active threat indicators. Infrastructure is classified as cloud computing with no open services detected.
## Ownership & Infrastructure
- Owner: DigitalOcean, LLC
- ASN: AS14061
- Location: Frankfurt am Main, DE (50.1188°N, 8.6843°E)
- Network Block: 165.22.80.0/20
- Infrastructure Type: CloudCompute
- Ownership: Stable (no changes recorded)
## Threat Assessment
- Risk Score: 25 (Low Risk)
- Blacklist Status: 0 blacklists
- DNSBL Listings: 1 of 8 total lists
- Known Campaigns: None
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
## Network Behavior
- Services: No open ports detected; firewalled/no services exposed
- DNS: No PTR records; no forward resolution
- SSL/TLS: No certificates detected
- HTTP: No web services detected
## Control Plane Analysis
- Operator Score: 0.1304 (Minimal)
- Route Stability: Not route-stable
- RPKI Status: Not validated
- Delegation Age: Not recorded
- Moas: No
## Temporal Analysis
- Observations: 20 signals tracked
- Threat Persistence: 0 days
- Malicious Persistence: False
- Recent Activity: Single threat observation noted
## Neighborhood Context (165.22.80.0/24)
- Abuse Density: Low
- Subnet Classification: Mostly Clean
- Threat Siblings: 1 detected in subnet
- Overall Risk: Minimal inherited risk from subnet
## Recommended Actions
Current Status: No specific security actions recommended based on risk profile.
Suggested Monitoring:
- Monitor for service exposure changes
- Track subnet-level threat activity
- Review DNSBL listing details if security policy requires
## SOC Analyst Notes
This IP represents a standard DigitalOcean cloud endpoint with minimal threat indicators. The single threat sibling in the /24 subnet warrants awareness but does not indicate direct compromise. No immediate blocking or mitigation required. Standard cloud infrastructure monitoring applies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 24% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-14 19:28:15 UTC |
| Last Seen | 2026-06-28 01:17:10 UTC |
| Profile Built | 2026-06-28 19:22:02 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 23 |
Full dossier details are available via our API.