165.227.231.224
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 165.227.231.224
Date: 2026-06-08
---
**1. Core Profile**
- Risk Rating: Low Risk (25/100) | No malicious indicators detected.
- Ownership: DigitalOcean, LLC (ASN 14061) | CloudCompute infrastructure.
- Geolocation: Slough, England, UK (plausible, 750km accuracy radius).
- Network Role: Cloud VM (nginx/1.24.0 server, SSH, HTTP/HTTPS services).
- TLS Certificate: Valid Letβs Encrypt certificate for `management.cargo.ir` (SAN).
---
**2. Threat & Security Observations**
- No Malicious Activity: Zero threat indicators, abuse confidence score not applicable.
- Service Fingerprint: Standard nginx server with SSH version `OpenSSH_9.6p1`.
- DNS: No PTR records or email auth (SPF/DKIM).
- TLS Scan: Valid TLS 1.3 connection with AES-256-GCM cipher.
- Geolocation Consistency: Plausible UK location with 201ms average RTT.
---
**3. Network Relationships**
- Subnet: Part of DigitalOceanβs `165.227.0.0/16` network.
- Neighbors: No sibling IPs detected in the /24 subnet.
- Abuse Density: Subnet classified as "mostly_clean" (abuse density 1/10).
---
**4. Historical Trends**
- Stability: No ownership or threat persistence changes.
- Recent Activity: Single observation (June 8, 2026) with no anomalous behavior.
---
**5. Actionable Insights**
- No Immediate Threat: Low-risk IP with no malicious signals.
- Monitor Subnet: Verify consistency with DigitalOceanβs infrastructure.
- Validate Certificate: Ensure the Letβs Encrypt certificate remains valid for `management.cargo.ir`.
- Network Segmentation: Consider isolating cloud VMs if elevated access is required.
---
Conclusion:
This IP represents a standard cloud server operated by DigitalOcean, with no evidence of malicious activity. No defensive actions are required, but continued monitoring is advised to detect any potential shifts in behavior.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
π TLS Certificate
CN=management.cargo.ir
Issued by CN=E7, O=Let's Encrypt, C=US
Self-signed: No
| SANs | management.cargo.ir |
| Valid From | 2026-05-19T11:22:00+00:00 |
| Valid Until | 2026-08-17T11:21:59+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 06818F2EFBF848757C2F128C4C29DF03E501 |
| Thumbprint | 5856E454EDB9262826AFA7DA088A79F42837A915 |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 39% | 2 | 3 |
| Overall | 26% | 10 | 17 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-19 09:36:38 UTC |
| Last Seen | 2026-06-28 08:43:32 UTC |
| Profile Built | 2026-06-29 02:48:49 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |
π 21 signal types Β· 25 observations collected
This report is generated from 21+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.