# IP INTELLIGENCE BRIEFING
Target: 152.42.219.134/32
Classification: LOW RISK / MONITOR
Date: 2026-06-21
## EXECUTIVE SUMMARY
IP 152.42.219.134 is a DigitalOcean cloud infrastructure endpoint located in Singapore with a current risk score of 25 (Low Risk). The IP exhibits minimal active threat indicators but shows historical inconsistencies in geolocation reporting and one neighboring address with elevated risk. No active services or open ports detected. SOC analysts should monitor for neighborhood spillover from adjacent high-risk address 152.42.219.80.
## PROFILE DETAILS
Ownership & Network:
- Organization: DigitalOcean, LLC (ASN: 14061)
- Network: DO-13 (152.42.128.0/17)
- Infrastructure Type: CloudCompute
- Classification: Cloud Hosting
Geolocation:
- Country: Singapore (SG)
- Coordinates: 1.35°N, 103.82°E
- Timezone: Asia/Singapore
Risk Metrics:
- Overall Risk Score: 25/100 (Low Risk)
- Provider Score: 0
- Authority Score: 0
- Stability Score: 0
## THREAT INDICATORS
Current Threat Status:
- Abuse Confidence Score: Not applicable
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Blacklist Count: 0
- Active Threat Indicators: None
Control Plane:
- DNSBL Listed: 1 of 8 total lists
- Route Stability: False
- RPKI State: Not reported
- Operator Score: 0.1304 (Minimal)
## NETWORK NEIGHBORHOOD ANALYSIS
Subnet: 152.42.219.0/24
- Abuse Density: 0%
- Classification: Mostly Clean
- Total Siblings: 2
- Active Siblings: 1
- Threat Siblings: 1
Notable Neighbor:
- IP 152.42.219.80: Risk Score 50, Authority Score 50
Assessment: The subnet exhibits minimal abuse density, but one sibling IP (152.42.219.80) demonstrates elevated risk. Monitor for potential lateral threat activity.
## OBSERVATION HISTORY
Total Observations: 18 signals
Recent Activity (2026-06-21):
- Operator Score: 0.1304 (Minimal)
- Signal Count: 1 of 8 maximum
- Overall Confidence: 0.18
Historical Anomalies (2026-06-16):
- Geolocation reported as US (inconsistent with current Singapore assignment)
- Threat pulses detected: 4
- Source: AlienVault OTX
- Reputation Score: 0
Assessment: Historical data shows inconsistent geolocation reporting between US and Singapore assignments. Historical threat pulses suggest transient malicious activity that is no longer present.
## RELATIONSHIPS
Detected Relationships: 6
- All relationships: Same Network (DO-13)
- No hostname, organizational, or certificate associations identified beyond network-level data
## SECURITY ACTIONS & RECOMMENDATIONS
Risk-Based Recommendations:
- No immediate firewall rules required
- No action recommendations generated based on current risk profile
Recommended Monitoring:
1. Track 152.42.219.80 (neighbor with Risk Score 50) for potential threat spillover
2. Monitor for DNSBL listing changes
3. Watch for geolocation inconsistencies in future observations
Firewall Considerations:
- No open ports detected (service classification: Firewalled / No Services)
- No immediate blocking required
- Consider logging for traffic analysis
## CONCLUSION
IP 152.42.219.134 represents a low-risk DigitalOcean cloud endpoint with no active threat indicators. The primary concern is the elevated-risk neighbor (152.42.219.80) within the same /24 subnet. Historical geolocation inconsistencies warrant continued monitoring. No immediate blocking actions recommended; maintain passive monitoring for neighborhood threat evolution.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DO-13 |
| CIDR Block | 152.42.128.0/17 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 3389, 8080, 8443 (2 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
## TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 18% | 9 | 11 |

| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| First Seen | 2026-06-04 00:31:23 UTC |
| Last Seen | 2026-06-21 10:57:20 UTC |
| Profile Built | 2026-06-21 11:13:05 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |