167.99.75.138

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP INTELLIGENCE BRIEFING

Target: 167.99.75.138/32

Date: 2026-06-14

Classification: Low Risk (Score: 25)

---

## EXECUTIVE SUMMARY

IP address 167.99.75.138 is a DigitalOcean cloud compute host located in Singapore. The IP presents minimal threat indicators with no evidence of active malicious activity. However, limited DNS blacklist presence warrants continued monitoring. No immediate blocking or defensive action required.

---

## NETWORK CLASSIFICATION

Organization: DigitalOcean, LLC (ASN: 14061)
Infrastructure Type: Cloud Compute / Web Hosting
Geolocation: Singapore (SG) – Latitude: 1.35, Longitude: 103.82
BGP Prefix: 167.99.64.0/20
Route Stability: Unstable (isRouteStable: false)
DNSSEC: Valid

---

## SERVICE FINGERPRINT

HTTP/HTTPS: nginx/1.24.0 (Ubuntu)
Status Code: 200 OK
Powered By: Next.js
TLS Certificate: Let's Encrypt (CN: mengbanyao.com)
Associated Domains: api.mengbanyao.com, mengbanyao.com, www.mengbanyao.com
Email Authentication: SPF: Yes, DMARC: Yes
Open Ports: 80/tcp, 443/tcp, 22/tcp (SSH)

---

## THREAT ASSESSMENT

Metric	Value
Overall Risk Score	25 (Low Risk)
Abuse Confidence Score	Not Available
Known Campaign	None
Is Tor Exit Node	No
Is Known Attacker	No
Is Spam Source	No
DNSBL Listed	1 of 8 total lists
Threat Persistence Days	0

Threat Indicators: None detected. No active threat feeds or indicators of compromise identified.

---

## NEIGHBORHOOD ANALYSIS

Subnet: 167.99.75.0/24
Abuse Density: 0 (Clean)
Threat Siblings: 0
Risk Distribution: No high/medium risk neighbors detected
Classification: Clean

---

## OBSERVATION HISTORY (Last 20 Signals)

Recent activity from 2026-06-14 shows:

DNS blacklist presence (1 listing with high severity)
HTTP fingerprinting consistent with legitimate web hosting
Geographic signals consistently pointing to Singapore
Operator score: 0.1304 (Minimal)
No evidence of persistent malicious behavior

---

## RELATIONSHIP MAPPING

Network Relationships: 28 entries showing DIGITALOCEAN-167-99-0-0
Organizational Links: None detected
Hostname Associations: mengbanyao.com domain family
Certificate Subjects: api.mengbanyao.com, mengbanyao.com, www.mengbanyao.com

---

## RECOMMENDED ACTIONS

Current Risk Level: LOW

Security Recommendations:

No immediate blocking required
Monitor DNSBL status changes
Treat as legitimate cloud infrastructure
Standard web traffic handling sufficient

Firewall Rules: None required at this time

---

## ANALYST NOTES

The IP operates as a legitimate DigitalOcean hosting service. The single DNSBL listing may represent a minor reputation issue but does not indicate active abuse. The associated domain (mengbanyao.com) appears to be a legitimate business entity with proper email authentication configured. Continued monitoring is advisable due to the DNSBL presence, but no escalation is warranted at this time.

Status: Monitor | Classification: Legitimate Cloud Infrastructure

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇸🇬 Singapore
Region	—
City	Singapore
Timezone	Asia/Singapore
Latitude	1.35
Longitude	103.82

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	nginx/1.24.0 (Ubuntu)
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16

🔐 TLS Certificate

🔒

CN=mengbanyao.com

Issued by CN=E8, O=Let's Encrypt, C=US

Self-signed: No

SANs	api.mengbanyao.commengbanyao.comwww.mengbanyao.com
Valid From	2026-04-19T11:14:10+00:00
Valid Until	2026-07-18T11:14:09+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha384ECDSA
Validity Period	89 days
Serial Number	064D18BDBA4E105ACD9A87997058C86521B4
Thumbprint	CA4D71C69DE7E0875F6BFC46D8CF2DFC3CB366C3

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	24%	2	3
routing	8%	1	1
services	30%	2	3
ownership	20%	2	3
reputation	18%	1	2
geolocation	30%	2	3
Overall	21%	10	15

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-14 13:23:50 UTC
Last Seen	2026-06-28 00:48:50 UTC
Profile Built	2026-06-28 18:54:16 UTC
Data Freshness	Live
Signal Types	20
Total Observations	23

🔍 20 signal types · 23 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

167.99.75.138📋 Copy