## IP INTELLIGENCE BRIEFING: 152.42.128.45/32
Classification: Low Risk - Cloud Infrastructure Host
Analysis Date: 2026-06-14
Primary Analyst: IPDebrief Intelligence System
---
EXECUTIVE SUMMARY
IP address 152.42.128.45 is a DigitalOcean cloud compute instance located in Amsterdam, Netherlands (NL). The IP presents as a standard single-service hosting environment with minimal threat indicators. Risk score is 25/100 (Low Risk). No active threat campaigns or known malicious activity detected. The IP is part of DigitalOcean's cloud infrastructure (ASN 14061) and operates within a clean subnet with zero abuse density.
---
OWNERSHIP & INFRASTRUCTURE
| Attribute | Value |
|---|---|
| **Organization** | DigitalOcean, LLC |
| **ASN** | 14061 |
| **Infrastructure Type** | Cloud Compute |
| **Geolocation** | Amsterdam, North Holland, NL |
| **Network Block** | 152.42.128.0/20 |
| **Service Purpose** | Single-Service Host |
| **Cloud Provider** | DigitalOcean |
Key Findings:
- IP is classified as cloud infrastructure (isCloud: true, isHosting: true)
- Not a CDN, VPN, proxy, or Tor exit node
- Route stability flagged as false (route changes observed in last 30 days)
- One DNSBL listing detected out of 8 total lists checked
---
NETWORK SERVICES & EXPOSURE
Open Ports:
- Port 22/TCP (SSH) - Banner: SSH-2.0-OpenSSH_10.0p2 Ubuntu-5ubuntu5.4
DNS & Email:
- No PTR hostnames recorded
- No forward DNS resolution
- No hosted domains
- Email authentication: SPF and DMARC records absent
TLS/HTTP:
- No TLS certificate present
- No HTTP title or server banner data captured
---
THREAT ASSESSMENT
| Indicator | Status |
|---|---|
| **Overall Risk Score** | 25 (Low Risk) |
| **Abuse Confidence Score** | N/A |
| **Blacklist Count** | 0 |
| **Known Attacker** | No |
| **Spam Source** | No |
| **Tor Exit Node** | No |
| **Campaign Likelihood** | None |
| **Cert Matches** | 0 |
| **Banner Matches** | 0 |
| **Correlated IPs** | 0 |
Threat Indicators: None detected in threat feeds or reputation sources.
---
OBSERVATION HISTORY (18 Signals)
Recent activity shows mixed geolocation signals:
- 2026-06-14 20:59:59 UTC: AlienVault OTX reputation signal detected (confidence 0.95) showing US geo with 16 pulse associations
- 2026-06-14 20:59:46 UTC: Multi-signal inference placed in NL Amsterdam (confidence 0.35)
- 2026-06-14 20:59:29 UTC: Operator score classified as "Minimal" (0.15)
- 2026-06-14 20:58:53 UTC: Network classification confirmed as DigitalOcean CloudCompute (confidence 0.90)
Analysis: Geolocation inconsistencies present between different reputation sources (US vs NL). This is common in cloud environments where routing paths may differ from physical location. No persistent malicious behavior observed.
---
NETWORK RELATIONSHIPS
- Same Network Associations: 21 relationships to DO-13 network identifier
- Network Classification: All relationships indicate membership in DigitalOcean DO-13 network block
- No external entity relationships detected (hostnames, certificates, organizations)
---
SUBNET ANALYSIS (152.42.128.0/24)
| Metric | Value |
|---|---|
| **Abuse Density** | 0 |
| **Classification** | Clean |
| **Total Siblings** | 1 |
| **Active Siblings** | 1 |
| **Threat Siblings** | 0 |
| **Risk Distribution** | High: 0, Medium: 0, Low: 0 |
Finding: Subnet exhibits no abuse activity. The single sibling IP is active with no threat indicators.
---
RECOMMENDED ACTIONS
Firewall Rules:
- No blocking recommended (Low Risk classification)
- Standard cloud egress/ingress rules apply
- Monitor SSH (port 22) for brute force attempts if applicable
SOC Procedures:
- Treat as legitimate cloud infrastructure
- Monitor for behavioral anomalies rather than IP-based blocking
- Geo-validation discrepancies noted - correlate with application logs if investigation required
Monitoring Priority: Low
- No active threat indicators
- No campaign correlations
- No malicious reputation sources
---
INTELLIGENCE CONCLUSION
IP 152.42.128.45 is a legitimate DigitalOcean cloud hosting instance with standard service exposure (SSH). The IP presents minimal risk with no threat indicators detected. Geolocation signals show expected cloud infrastructure behavior with some variance between reputation sources. No blocking or defensive action required at this time. Continue standard monitoring practices for cloud infrastructure assets.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_10.0p2 Ubuntu-5ubuntu5.4 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 19% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 12:11:56 UTC |
| Last Seen | 2026-06-27 23:05:07 UTC |
| Profile Built | 2026-06-28 17:10:49 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 22 |