# IP Intelligence Briefing: 167.71.246.78
## Executive Summary
IP address 167.71.246.78 is a low-risk cloud infrastructure endpoint hosted on DigitalOcean. The IP exhibits standard web server behavior with no active threat indicators. Risk score: 25 (Low). Recommended action: Monitor but no immediate blocking required.
## Risk Profile
- Overall Risk Score: 25 (Low Risk)
- Reputation: Low Risk
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
## Ownership & Geolocation
- ASN: 14061 (DigitalOcean, LLC)
- Network: DIGITALOCEAN-167-71-0-0
- CIDR Block: 167.71.0.0/16
- Location: Clifton, NJ, US
- Geolocation Confidence: GeoPlausible: false (RTT validation discrepancy detected)
## Network Classification
- Infrastructure Type: CloudCompute
- Service Purpose: Web Server
- Hosting Provider: DigitalOcean
- Cloud Environment: Yes
- Known Proxy/VPN/Tor: No
## Active Services
- Port 80/tcp: HTTP (Apache/2.4.57)
- Port 443/tcp: HTTPS (Apache/2.4.57)
- Port 22/tcp: SSH (OpenSSH 9.3p1 Ubuntu-1ubuntu3.6)
- TLS Certificate: Let's Encrypt (CN=admin.doctyc.com)
- HTTP Status: 503 (Service Unavailable)
## Threat Intelligence
- Blacklist Count: 0
- DNSBL Listed: 1 of 8 total lists
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Known Campaigns: None
- Abuse Confidence Score: Null
- Operator Score: 0.1304 (Minimal)
## Neighborhood Analysis (167.71.246.0/24)
- Abuse Density: 0 (Clean)
- Subnet Classification: Clean
- Total Siblings: 2
- Active Siblings: 1
- Threat Siblings: 0
- Adjacent IP: 167.71.246.123 (Risk Score: 25, Authority Score: 50)
## Observation History
- Total Observations: 22
- Most Recent: 2026-06-21
- Signal Count: 1 of 8 max
- Historical Trend: Stable low-risk profile
- HTTP Fingerprint: Apache/2.4.57 (Ubuntu)
- Status Codes Observed: 503
## Control Plane
- Route Stable: No
- DNSSEC Valid: Yes
- BGP Prefix: 167.71.240.0/20
- IRR Consistency: Not assessed
- Route Changes (30d): 0
- MoAS: No
## Recommended Actions
No automatic firewall rules generated due to low-risk classification. The IP presents as a legitimate cloud web server hosting a domain (admin.doctyc.com) with standard Apache/HTTPS services.
## Intelligence Narrative
The target IP 167.71.246.78 operates as a standard DigitalOcean cloud web server with no malicious indicators. The infrastructure shows consistent hosting characteristics with Apache web serving and SSH access. DNSBL listing is minimal (1 of 8 lists) and does not correlate with active abuse campaigns. The adjacent neighbor IP (167.71.246.123) maintains similar risk characteristics. Subnet abuse density is zero, indicating the broader infrastructure maintains clean operational practices. Historical signals remain stable with no escalation in threat posture. The HTTP 503 status may indicate temporary service degradation rather than malicious activity.
## Conclusion
This IP represents benign cloud infrastructure. No immediate defensive action required. Continue routine monitoring but exclude from active threat blocks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DIGITALOCEAN-167-71-0-0 |
| CIDR Block | 167.71.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | Apache/2.4.57 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.3p1 Ubuntu-1ubuntu3.6 |
## TLS Certificate
CN=admin.doctyc.com was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.

| SANs | admin.doctyc.com |
| Valid From | 2025-06-05T20:13:20+00:00 |
| Valid Until | 2025-09-03T20:13:19+00:00 (expired) |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 067FD293CA39BBAEE63399A301D0687948C3 |
| Thumbprint | A366EE6BB507E051D0B8CB9A51BF46DCAEC05739 |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 25% | 10 | 15 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| First Seen | 2026-06-02 12:03:27 UTC |
| Last Seen | 2026-06-21 08:34:56 UTC |
| Profile Built | 2026-06-21 08:40:41 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 24 |