165.22.85.201📋 Copy

# IP INTELLIGENCE BRIEFING: 165.22.85.201

## EXECUTIVE SUMMARY

IP address 165.22.85.201 is classified as Low Risk with an overall risk score of 25. The address is registered to DigitalOcean, LLC and is hosted in Frankfurt am Main, Germany. The IP exhibits minimal threat indicators and shows no evidence of malicious activity across observed signals.

---

## PROFILE OVERVIEW

Risk Assessment

• Risk Score: 25/100 (Low Risk)
• Reputation: Low Risk
• Authority Score: 0
• Stability Score: 0
• Abuse Confidence: Not applicable

Ownership & Infrastructure

• ASN: 14061 (DigitalOcean, LLC)
• Organization: DigitalOcean, LLC
• Network: DIGITALOCEAN-165-22-0-0
• CIDR Block: 165.22.0.0/16
• RIR: ARIN
• Infrastructure Type: CloudCompute
• Service Purpose: Firewalled / No Services

Geolocation

• Country: Germany (DE)
• Region: HE
• City: Frankfurt am Main
• Timezone: Europe/Berlin
• Accuracy Radius: 600 km

---

## NETWORK CLASSIFICATION

Role Indicators

• Is Cloud: Yes
• Is Hosting: Yes
• Is CDN: No
• Is VPN: No
• Is Proxy: No
• Is Tor: No
• Is Mobile: No
• Is Residential: No
• Is Bogon: No
• Is Anycast: No

Network Status

• DNSSEC Valid: Yes
• Route Stable: False
• MOAS: No
• Operator Score: 0.1304 (Minimal)
• Delegation Age: Not determined

---

## THREAT INTELLIGENCE

Threat Indicators

• Blacklist Count: 0
• Pulsedive Risk: Not applicable
• Known Campaigns: None
• Threat Feeds: None
• Is Known Attacker: False
• Is Spam Source: False

Control Plane

• DNSBL Listed Count: 1 (out of 8 total lists)
• DNSBL Total Lists: 8
• BGP Prefix: 165.22.80.0/20
• Route Changes (30d): 0

Behavioral Signals

• Honeypot Hits: 0
• Enumeration Strikes: 0
• WAF Violations: 0
• Threat Persistence Days: 0
• Persistently Malicious: False

---

## NEIGHBORHOOD ANALYSIS

Subnet: 165.22.85.201/24

• Classification: Clean
• Abuse Density: 0
• Risk Distribution: High: 0, Medium: 0, Low: 0
• Neighbor Count: 0
• Active Siblings: 0
• Threat Siblings: 0
• Inherited Risk: 0

The IP shows no neighboring threat activity within its /24 subnet.

---

## RELATIONSHIP GRAPH

The IP is associated with 13 network relationships, all pointing to the same network block DIGITALOCEAN-165-22-0-0. No external relationships to hostnames, organizations, or certificates were identified beyond the network association.

---

## OBSERVATION HISTORY

Observation Count: 16 signals observed

Most Recent Activity: 2026-06-20

Key historical indicators:

• Ownership Changes: 0 (stable ownership)
• Average Ownership Days: Not applicable
• Threat Observation Count: 1
• Threat Persistence Days: 0

Recent signals indicate:

• Ownership resolution with 0.85 confidence
• Network classification (165.22.80.0/20) with 0.20 confidence
• Operator score classification (Minimal) with 0.30 confidence
• Geolocation inference (Germany) with 0.35 confidence

---

## SERVICES & DNS

Open Ports: None detected

TLS Certificate: None

HTTP Title: None

Server Banner: None

Certificates: None

DNS Resolution

• PTR Hostnames: None
• Forward Confirmation: False
• Hosted Domain Count: 0
• Email Auth (SPF/DMARC): Not present
• TXT Record Count: 0

---

## RECOMMENDED ACTIONS

Security Recommendations: None

Firewall Rules: None recommended

The IP address presents a low-risk profile with no actionable threat indicators. No immediate blocking or filtering actions are recommended based on current intelligence.

---

## ASSESSMENT

IP 165.22.85.201 represents a standard DigitalOcean cloud hosting environment with no observable malicious activity. The IP is properly registered, maintains stable ownership, and shows no threat indicators across multiple signal categories. The single DNSBL listing does not correlate with known threat feeds. SOC analysts may treat this IP as benign for operational purposes, though standard monitoring practices should continue.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.