152.42.237.113
IP Intelligence Briefing: 152.42.237.113
*Generated via IPDebrief Analysis*
---
**Core Profile**
- Reputation: Moderate Risk (Risk Score: 50)
- Ownership:
- ISP: DigitalOcean, LLC (ASN 14061)
- Network: DO-13 (CIDR: 152.42.128.0/17)
- Geolocation: Registered to Singapore (SG), but observed in the U.S. (latitude 37.751, longitude -97.822) via AlienVault OTX.
- Threat Indicators:
- Listed in 8 threat feeds (1 high-severity listing).
- No active malicious services (open ports, TLS certs, or HTTP banners).
- DNSSEC valid, but no email authentication (no SPF/DKIM records).
---
**Observation History**
- Recent Activity:
- High-severity threat listing (likely malware or exploit activity) observed on 2026-06-11.
- Geolocation inconsistencies: Conflicting reports of Singapore and the U.S.
- Network stability: BGP route stability score indicates potential instability.
- Trend: No persistent malicious behavior detected, but recent threats suggest intermittent risk.
---
**Network Relationships**
- Connected Entities:
- Same Network: Linked to DigitalOceanβs DO-13 subnet.
- Neighbors:
- 152.42.237.127 (Risk Score: 25, Authority Score: 50).
- Subnet Analysis:
- Abuse Density: 0% (mostly clean).
- Neighbor Risk: One sibling IP (152.42.237.127) shows medium risk.
---
**Actionable Insights**
1. Monitor Geolocation Discrepancies: Investigate the conflicting geolocation data (Singapore vs. U.S.) to detect potential IP spoofing or proxy usage.
2. Review Threat Listings: Confirm the legitimacy of the high-severity threat feeds (e.g., check AlienVault OTX for pulse details).
3. Inspect Neighbors: Monitor 152.42.237.127 for suspicious activity, as it shares the same subnet.
4. Secure Cloud Infrastructure: Ensure DigitalOcean VMs are hardened (e.g., restrict SSH access, enable WAF rules).
---
Recommendation: Low immediate risk, but continuous monitoring is advised due to recent threat indicators and geolocation anomalies. Use IPDebriefβs firewall rules tool to block high-risk neighbors if necessary.
*Generated by IPDebrief β Threat Intelligence for SOC Teams*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DO-13 |
| CIDR Block | 152.42.128.0/17 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 24% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 30% | 3 | 4 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 23% | 12 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-27 13:16:48 UTC |
| Last Seen | 2026-06-29 04:13:46 UTC |
| Profile Built | 2026-06-29 04:18:03 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 22 |
Full dossier details are available via our API.