168.144.105.246

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 168.144.105.246

## Executive Summary

IP 168.144.105.246 presents as LOW RISK (risk score: 25/100) cloud infrastructure from DigitalOcean, LLC with minimal threat indicators and no active malicious activity observed.

## Network Profile

Owner: DigitalOcean, LLC (ASN 14061)
Location: Singapore, SG (latitude: 1.35, longitude: 103.82)
Infrastructure Type: Cloud environment (isCloud: true)
Network Role: Firewalled / No Services
Classification: Clean, no bogon status

## Threat Indicators

Abuse Confidence: Not elevated
Threat Feeds: No active threat feed matches
Known Campaigns: None detected
Tor Exit Node: No
Known Attacker: No
Spam Source: No
Blacklist Status: 0 listings on threat feeds

## Network Behavior

Open Ports: None detected
DNS Resolution: No PTR records, no forward resolution
TLS Certificates: None observed
HTTP Services: No active web services
WAF Violations: 0
Honeypot Hits: 0

## Control Plane Data

Operator Score: 0.1304 (Minimal)
Route Stability: Unstable (not isRouteStable)
DNSBL Listings: 1 of 8 total lists
RPKI State: Not validated
IRR Consistency: Not available

## Neighborhood Analysis (168.144.105.0/24)

Abuse Density: 0 (low)
Classification: Mostly clean
Total Siblings: 4
Active Siblings: 2
Threat Siblings: 4 (potential correlation risk)
Neighbor Risk Distribution: 0 high, 1 medium, 2 low risk

Notable neighbors:

168.144.105.169: Risk score 50 (medium risk)
168.144.105.20: Risk score 25 (low risk)
168.144.105.164: Risk score 25 (low risk)

## Historical Observations

Total Observations: 17
Threat Persistence: 0 days (not persistently malicious)
Ownership Changes: 0
Recent Signals:

- 2026-06-17: Geolocation confirmed to Singapore

- 2026-06-17: Operator score "Minimal"

- 2026-06-17: Alienvault OTX data showed conflicting US coordinates with threats (confidence: 0.75, may be stale or misattributed)

## Related Entities

Network Block: NET-168-144-0-0-1 (multiple relationship entries)
Relationship Count: 20 (all same network references)

## Recommended Actions

1. Monitor: Continue standard monitoring; no immediate blocking required

2. Correlation: Review 168.144.105.169 (risk score 50) for potential correlated activity

3. Geolocation Validation: Investigate conflicting Alienvault OTX signal (US vs Singapore)

4. Cloud Security: Apply standard DigitalOcean cloud security policies

5. DNSBL Monitoring: Track 1 DNSBL listing source

## Risk Assessment

This IP represents standard cloud infrastructure with low abuse potential. The DigitalOcean cloud environment shows minimal operator risk (0.1304). No active threats, no open services, and low neighborhood abuse density support continued monitoring without blocking actions.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇸🇬 Singapore
Region	—
City	Singapore
Timezone	Asia/Singapore
Latitude	1.35
Longitude	103.82

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	168.144.96.0/20
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	nginx
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15

🔐 TLS Certificate

🔒

CN=alam.dumaitotoalam.shop

Issued by CN=YR2, O=Let's Encrypt, C=US

Self-signed: No

SANs	alam.dumaitotoalam.shop
Valid From	2026-06-26T03:15:31+00:00
Valid Until	2026-09-24T03:15:30+00:00
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha256RSA
Validity Period	89 days
Serial Number	05E073146052F2FF4B9B8712D9D9EF3F07F5
Thumbprint	69BF9879A8A967B3A3533F9389F84B5A637DC11D

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	39%	2	4
routing	32%	2	3
services	32%	2	3
ownership	30%	3	4
reputation	30%	1	3
geolocation	35%	2	3
Overall	33%	12	20

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:03:52 UTC
Last Seen	2026-06-27 01:42:15 UTC
Profile Built	2026-06-27 22:57:10 UTC
Data Freshness	Live
Signal Types	24
Total Observations	29

🔍 24 signal types · 29 observations collected

This report is generated from 24+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

168.144.105.246📋 Copy