152.67.39.50
# IP INTELLIGENCE BRIEFING: 152.67.39.50/32
Classification: Low Risk / Oracle Cloud Infrastructure
Date Generated: 2026-06-16
Analyst: IPDebrief Intelligence
---
## EXECUTIVE SUMMARY
IP 152.67.39.50 is a low-risk address associated with Oracle Public Cloud infrastructure. The IP shows no active malicious indicators, belongs to a clean subnet with zero abuse density, and exhibits stable ownership patterns. No security actions are recommended at this time.
---
## OWNERSHIP & REGISTRATION
- Organization: Oracle Public Cloud
- ASN: 31898
- Network Block: 152.67.0.0/16 (OC-195)
- RIR: ARIN
- Registration Contact: domain-contact_ww_grp@oracle.com
---
## GEOLOCATION ANALYSIS
- Country: United States (US)
- Reported Region: São Paulo
- Geographic Accuracy: 2,500km radius
- Geographic Consensus: Confirmed across multiple sources
*Note: Geographic signal shows São Paulo, but network registration data indicates Oracle US infrastructure. This discrepancy is common with cloud provider anycast deployments.*
---
## THREAT ASSESSMENT
Risk Profile
- Overall Risk Score: 25/100 (Low Risk)
- Abuse Confidence: Not applicable (cloud infrastructure)
- Blacklist Status: Clean (0 active listings)
Threat Indicators
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
- Campaign Affiliation: None detected
- Honeypot Hits: 0
- WAF Violations: 0
- Enumeration Strikes: 0
---
## NETWORK BEHAVIOR
- Infrastructure Type: Oracle Cloud Provider
- Service Purpose: Firewalled / No Services
- Open Ports: None detected
- TLS Certificates: None
- HTTP Services: None detected
- Connection Type: Cloud Infrastructure
Control Plane Status
- Route Stability: Unstable (false)
- BGP Prefix: 152.67.32.0/20
- RPKI State: Not validated
- DNSSEC: Valid
- Route Changes (30d): 0
- DNSBL Listings: 1/8 (minimal)
---
## NEIGHBORHOOD ANALYSIS
- Subnet: 152.67.39.50/24
- Abuse Density: 0%
- Classification: Clean
- Total Siblings: 1
- Active Siblings: 0
- Threat Siblings: 0
The immediate /24 neighborhood shows no malicious activity or abuse patterns.
---
## OBSERVATION HISTORY
Total Observations: 14 signals over recent period
Key Historical Signals:
1. Ownership Signals: Consistent Oracle Public Cloud attribution across all observations
2. Geolocation: Stable US-based signals with consistent confidence levels (0.35-0.95)
3. Network Classification: Persistent cloud infrastructure designation
4. Threat Persistence: None detected (threat_persistence_days: 0)
Temporal Analysis: No ownership changes detected. IP has maintained consistent attribution throughout observation period.
---
## RELATIONSHIP GRAPH
- Same Network Targets: 2 entries pointing to OC-195 network
- Related Entities: Oracle Cloud infrastructure networks
- Certificate Associations: None
- Organizational Links: Oracle Public Cloud (ASN 31898)
---
## SECURITY RECOMMENDATIONS
Current Status: No Action Required
The IP address represents standard Oracle Cloud infrastructure with no indicators of compromise. Monitor for:
- Changes in service patterns
- New threat indicator appearances
- Subnet abuse density increases
Firewall Rules: None recommended at this time
---
## TRACEROUTE SUMMARY
- Total Hops: 30
- First Hop RTT: 0.2ms
- Last Hop RTT: 154.7ms
- Timed Out Hops: 20
- Transit Networks: Comcast
---
## INTELLIGENCE CONCLUSION
IP 152.67.39.50 is a benign Oracle Cloud infrastructure address with no active threat indicators. The low risk score (25/100), clean blacklist status, zero neighborhood abuse, and stable ownership attribution support continued normal network operations. No defensive blocking or alerting is warranted.
---
*Report generated by IPDebrief Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Oracle Public Cloud |
| ASN | AS31898 |
| Network Name | OC-195 |
| CIDR Block | 152.67.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 2 |
| routing | 17% | 1 | 1 |
| services | 17% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 24% | 2 | 2 |
| Overall | 22% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-07 13:57:10 UTC |
| Last Seen | 2026-06-21 13:53:17 UTC |
| Profile Built | 2026-06-21 14:01:45 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 18 |
Full dossier details are available via our API.