IPDebrief

167.172.77.62

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 167.172.77.62

## Executive Summary

IP 167.172.77.62 is a Low Risk (Risk Score: 30/100) web server endpoint hosted on DigitalOcean cloud infrastructure in Singapore. The IP demonstrates stable operational characteristics with no active malicious indicators, though the /24 neighborhood shows minor abuse activity that warrants contextual awareness.

---

## Infrastructure Profile

AttributeValue
**IP Address**167.172.77.62/32
**Organization**DigitalOcean (ASN: 14061)
**Location**Singapore (SG)
**CIDR Block**167.172.0.0/16
**Network Type**Cloud Infrastructure
**Classification**Web Server

## Service Footprint

The IP hosts standard web server services with the following open ports:

TLS Configuration: The endpoint presents a Let's Encrypt certificate for `crmsaudi.dev` with SANs covering `*.crmsaudi.dev` and `crmsaudi.dev`. Server fingerprint identifies nginx/1.24.0 on Ubuntu. Security headers include HSTS (31536000s), CSP (default-src 'self'), and HTTP/2 support.

## Threat Assessment

## Operational History

Analysis of 25 observation signals reveals consistent operational patterns:

## Network Neighborhood

The /24 subnet (167.172.77.0/24) shows:

The presence of one threat sibling in the neighborhood suggests localized abuse activity, though the target IP itself maintains a clean threat profile.

## Security Actions

No specific firewall rules or mitigation recommendations are required at this time. The IP's low risk score and absence of active threat indicators support continued monitoring without immediate blocking actions.

## Intelligence Conclusion

IP 167.172.77.62 operates as a legitimate web hosting endpoint on DigitalOcean infrastructure. The endpoint hosts what appears to be a development or test environment (`crmsaudi.dev`). While the immediate threat profile is low, SOC analysts should maintain awareness of the neighborhood's abuse density and monitor for any changes in the threat sibling activity. No immediate defensive actions are warranted.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΈπŸ‡¬ Singapore
Regionβ€”
CitySingapore (Pioneer)
TimezoneAsia/Singapore
Latitude1.35
Longitude103.82

🏒 Ownership & Registration

Organizationdigitalocean
ASNAS14061
Network NameDigitalOcean
CIDR Block167.172.0.0/16
RIRARIN
CountryUS
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo β€” PTR hostname does not resolve back to this IP (weak signal)

πŸ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureInfrastructure / Datacenter
Service PurposeWeb Server
Network TierHosting β€” Infrastructure provider without advanced routing
CloudHosting

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
80httptcpβ€”
443httpstcpβ€”
22sshtcp
8080http-alttcpβ€”
Closed Ports25, 3389, 8443 (4 open / 7 scanned)
Servernginx/1.24.0 (Ubuntu)
HTTP Titleβ€”
SSH VersionSSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

πŸ” TLS Certificate

πŸ”’
CN=crmsaudi.dev
Issued by CN=E7, O=Let's Encrypt, C=US
Self-signed: No
SANs*.crmsaudi.devcrmsaudi.dev
Valid From2026-05-11T09:15:59+00:00
Valid Until2026-08-09T09:15:58+00:00
TLS ProtocolTls13
Cipher SuiteTLS_AES_256_GCM_SHA384
Signature Algorithmsha384ECDSA
Validity Period89 days
Serial Number05A3428685CBB466F538AB3B232C3C46E585
Thumbprint6710F2B10361E8E8196F66A6F5E3D22511341389

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
27%
24
routing
8%
11
services
30%
23
ownership
27%
23
reputation
26%
13
geolocation
40%
23
Overall26%1017
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-26 06:50:20 UTC
Last Seen2026-06-29 02:45:43 UTC
Profile Built2026-06-29 08:48:14 UTC
Data FreshnessLive
Signal Types23
Total Observations24
πŸ” 23 signal types Β· 24 observations collected
This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.