IP Intelligence Briefing: 167.99.73.121
Date: 2026-06-10
---
**1. Core Profile**
- Reputation: Moderate Risk (Risk Score: 50)
- Provider: DigitalOcean, LLC (ASN: 14061)
- Geolocation: Singapore (SG), associated with DigitalOcean's cloud infrastructure.
- Network Role: CloudCompute instance (hosted, no residential/mobile indicators).
- Threat Indicators: No malicious activity detected (no abuse confidence scores, blacklist entries, or campaign ties).
---
**2. Historical Observations**
- Last 30 Days:
  - Consistently classified as a cloud-hosted IP with no persistent malicious behavior.
  - Geolocation Validation: Plausible (Singapore), but ICMP probing failed, limiting validation depth.
  - Risk Trends: Stable with no upward trajectory in threat signals.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Subnet: `167.99.64.0/20` (DigitalOcean infrastructure).
  - No direct ties to known malicious organizations, domains, or certificates.
- Subnet Analysis:
  - Abuse Density: 0% (clean subnet).
  - Neighbors: No active or threatening sibling IPs in the /24 subnet.
---
**4. Security Recommendations**
- Firewall Rules (Precautionary):
  - iptables: `iptables -A INPUT -s 167.99.73.121 -j DROP`
  - Cloudflare WAF: Block IP with description "IPDebrief risk score 50."
  - AWS WAF: Add `167.99.73.121/32` to a new rule.
- Monitoring:
  - Track for unexpected service changes (e.g., open ports, TLS certificates).
  - Correlate with other cloud instances in the `DIGITALOCEAN-167-99-0-0` subnet.
---
**5. Summary**
The IP is a legitimate DigitalOcean cloud instance with no current malicious indicators. While its moderate risk score warrants monitoring, the lack of threat signals suggests it is likely benign. Implement proactive blocking rules and continue observing for anomalies. No immediate action is required, but maintain visibility due to its cloud-hosted nature.
Next Steps:
- Validate if the IP is associated with any recent cloud security incidents.
- Ensure compliance with internal policies for cloud infrastructure monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | 167.99.64.0/20 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 24% | 2 | 3 |
| services | 8% | 1 | 1 |
| ownership | 37% | 3 | 6 |
| reputation | 26% | 1 | 3 |
| geolocation | 34% | 2 | 3 |
| Overall | 26% | 11 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-23 18:29:02 UTC |
| Last Seen | 2026-06-28 22:38:00 UTC |
| Profile Built | 2026-06-29 04:40:49 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 23 |