204.48.25.122
IP Intelligence Dossier
Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 204.48.25.122
*Generated via IPDebrief Threat Intelligence Platform*
---
**1. Risk Profile**
- Risk Score: 25/100 (Low Risk)
- Provider Score: 0 (No provider-specific risk)
- Authority Score: 0 (No authoritative threat indicators)
- Stability: Stable (no recent abrupt changes)
- Threat Indicators: No malicious activity, no known attackers, no spam sources, or blacklist entries.
---
**2. Ownership & Geolocation**
- ISP: DigitalOcean, LLC (ASN 14061)
- Location: United States (NJ), North Bergen
- Geolocation Validity: Plausible (2500km accuracy radius)
- Network Type: CloudCompute (DigitalOcean virtual machine)
---
**3. Network Behavior**
- Open Ports: None detected
- TLS/HTTP: No active services or certificates
- Subnet: 204.48.25.0/24 (clean, no abuse density)
- Neighbors: No active IPs in the subnet (0 siblings)
---
**4. Historical Observations**
- Last Observed: June 14, 2026 (minimal signal changes)
- Consistency: Stable over time; no persistent malicious patterns.
- Routing: BGP prefix 204.48.16.0/20, route stability confirmed.
---
**5. Relationships & Context**
- Linked Entities:
- Same network: `DIGITALOCEAN-204-48-16-0` (repeated 12x)
- No Correlated Threats: No associated campaigns, domains, or malicious certificates.
---
**6. Recommendations**
- Monitoring: No immediate action required; IP is benign.
- Firewall: No rules needed unless specific service ports are identified later.
- Subnet Verification: Confirm DigitalOceanβs 204.48.16.0/20 subnet legitimacy via ARIN.
---
Conclusion: 204.48.25.122 is a legitimate DigitalOcean cloud instance with no malicious indicators. No security action required at this time. Continue monitoring for unexpected service changes or network shifts.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | β |
| CIDR Block | 204.48.16.0/20 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx/1.18.0 (Ubuntu) |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
π TLS Certificate
A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.
CN=packer-6532bd38-9318-085f-1727-207e6525e4ff
Issued by CN=packer-6532bd38-9318-085f-1727-207e6525e4ff
Self-signed: Yes
| SANs | packer-6532bd38-9318-085f-1727-207e6525e4ff |
| Valid From | 2023-10-20T17:53:41+00:00 |
| Valid Until | 2033-10-17T17:53:41+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 3650 days |
| Serial Number | 08481E3CAF80DDD26C93D8050ED6D288DA793DB7 |
| Thumbprint | 654BAFA432E1884A1F0F6EA3C2197FE1DB79A84E |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 30% | 2 | 3 |
| ownership | 39% | 3 | 5 |
| reputation | 30% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 31% | 12 | 21 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
β Claimed geolocation contradicts RTT physics measurement
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:09 UTC |
| Last Seen | 2026-06-27 03:59:46 UTC |
| Profile Built | 2026-06-27 22:05:16 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 31 |
π 24 signal types Β· 31 observations collected
This report is generated from 24+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.