# IPDEBRIEF INTELLIGENCE BRIEFING
Target: 165.245.229.123/32
Classification: Cloud Compute Infrastructure
Risk Level: Low Risk (Score: 25)
Date: Intelligence generated from live data
---
## EXECUTIVE SUMMARY
IP 165.245.229.123 is a cloud computing infrastructure address hosted on DigitalOcean, LLC's network infrastructure. The IP demonstrates low-risk characteristics with minimal operator scores and no active threat indicators. While the IP shows minimal service exposure, historical data indicates transient blacklist activity that has since resolved. The asset should be monitored but does not currently warrant immediate blocking or elevated alerting.
---
## OWNERSHIP AND INFRASTRUCTURE
| Attribute | Value |
|---|---|
| ASN | 14061 |
| Organization | DigitalOcean, LLC |
| CIDR Block | 165.245.224.0/20 |
| Network Role | Cloud Compute / Hosting |
| Infrastructure Type | CloudCompute |
| Location | New York, NY, US |
| GeoValidation | DNSSEC Valid (ICMP blocked - unable to validate) |
---
## THREAT INTELLIGENCE
### Current Risk Profile
- Risk Score: 25 (Low)
- Abuse Confidence Score: Null
- Blacklist Count: 0 (current)
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Campaign Associations: None detected
### Historical Observations (23 total)
- 2026-06-17: 8 blacklist listings detected (1 active at time of observation), max severity: high
- 2026-06-18: Operator score stabilized at 0.1304 (Minimal), 23 total observations
- Threat Persistence: 0 days
- Is Persistently Malicious: No
### Threat Indicators
- No active threat indicators present
- No correlated IP campaigns
- No certificate matches to known malicious entities
- No banner-based campaign correlations
---
## NETWORK AND CONTROL PLANE
| Metric | Value |
|---|---|
| BGP Prefix | 165.245.224.0/20 |
| Route Changes (30d) | 0 |
| Route Stability | False |
| MoAS | False |
| RPKI State | Null |
| IRR Consistency | N/A |
| DNSSEC Valid | Yes |
| DNSBL Listed | 0 (current) |
| Operator Score | 0.1304 (Minimal) |
---
## NETWORK NEIGHBORHOOD
Subnet: 165.245.229.0/24
- Abuse Density: 1
- Classification: Mostly Clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 1
- Risk Distribution: 0 high, 0 medium, 0 low
The /24 subnet exhibits minimal abuse density with inherited risk of 2. Neighborhood context does not indicate coordinated malicious activity.
---
## SERVICES AND FINGERPRINTING
| Attribute | Value |
|---|---|
| Open Ports | None detected |
| Server Type | nginx |
| HTTP Status | 200 |
| HTTP/2 | Yes |
| HSTS | Yes |
| CSP | No |
| Referrer Policy | Yes |
| Permissions Policy | No |
| TTFB | 133ms |
No open services or ports detected. The IP responds to HTTP requests with nginx serving content. No TLS certificates or email authentication records present.
---
## RELATIONSHIP ANALYSIS
- Network Relationships: 23 relationships identified, all indicating membership in the same DigitalOcean network (DO-13)
- No organizational relationships detected
- No hostname relationships
- No certificate relationships
---
## RECOMMENDED ACTIONS
Current Status: No immediate action required
The IP demonstrates standard cloud infrastructure behavior with no active threat indicators. Recommended approach:
1. Allow with Monitoring: Traffic may be permitted with standard logging
2. No Blocking Required: Current risk profile does not warrant firewall blocking
3. Historical Context: Previous blacklist activity has resolved; monitor for recurrence
4. Geographic Consistency: US-based origin aligns with declared geolocation
---
Assessment: This IP address represents legitimate cloud infrastructure on DigitalOcean's platform. While historical blacklist activity was observed, current telemetry shows minimal risk. No immediate defensive action is recommended beyond standard traffic logging and monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Attribute | Value |
|---|---|
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | nginx |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness.
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 23% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 22% | 10 | 17 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Attribution checks: Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline
| Attribute | Value |
|---|---|
| First Seen | 2026-05-07 23:03:51 UTC |
| Last Seen | 2026-06-27 01:21:16 UTC |
| Profile Built | 2026-06-28 01:13:03 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 28 |