INTELLIGENCE BRIEFING: 159.89.132.71
Date: Current
Classification: Low Risk
Analyst: IPDebrief Intelligence Platform
---
EXECUTIVE SUMMARY
IP 159.89.132.71 is a low-risk DigitalOcean cloud compute instance located in Santa Clara, US. The IP demonstrates stable operational characteristics with no active threat indicators. Subnet abuse density is negligible, and historical observations show consistent benign behavior over the monitored period.
---
INFRASTRUCTURE PROFILE
Ownership & Registration:
- Organization: DigitalOcean, LLC (ASN: 14061)
- Network: DIGITALOCEAN-159-89-0-0 /16
- RIR: ARIN
- Registration: Standard cloud provider infrastructure
Geolocation:
- Country: United States (US)
- Region: California (CA)
- City: Santa Clara
- Accuracy Radius: 2500km
Network Classification:
- Infrastructure Type: Cloud Compute
- Connection Type: Cloud Hosting
- Is Anycast: No
- Is CDN/VPN/Proxy: No
DNS Resolution:
- PTR Record: prod-barium-sfo2-65.do.binaryedge.ninja
- Domain: binaryedge.ninja
- Forward Resolution: Confirmed
- Email Authentication: SPF configured (DMARC: Absent)
---
THREAT INDICATORS
Current Threat Status:
- Risk Score: 25/100 (Low Risk)
- Abuse Confidence Score: Not applicable
- Blacklist Count: 0
- Tor Exit Node: No
- Known Attacker: No
- Spam Source: No
Threat Feeds & Campaigns:
- Active Threat Feeds: None
- Known Campaign Matches: 0
- Correlated IPs: 0
---
NETWORK BEHAVIOR
Open Services:
- Port 22/tcp (SSH) - SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15
Control Plane Data:
- Route Stability: Inconsistent (isRouteStable: false)
- RPKI State: Not available
- DNSBL Listings: 1 of 8 total lists
- Operator Score: 0.2609 (Basic)
---
HISTORICAL OBSERVATION
Monitoring Period: June 16-21, 2026
Total Observations: 22
Threat Observation Count: 0
Persistence Days: 0
Is Persistently Malicious: No
Temporal Analysis:
- Ownership Changes: 0
- Stability: High (consistent classification)
- Recent Risk Trend: Stable
The IP has maintained consistent "Basic" classification throughout the observation window with no deterioration in security posture.
---
SUBNET ANALYSIS
Network: 159.89.132.0/24
- Abuse Density: 0 (Clean)
- Classification: Clean
- Total Siblings: 2
- Active Siblings: 1
- Threat Siblings: 0
Neighbor Risk Assessment:
- Neighbor 159.89.132.49: Risk Score 25, Authority Score 50
- No high-risk neighbors identified
---
RELATIONSHIP MAPPING
Identified Relationships: 19 total
- Same Network: Multiple entries for DIGITALOCEAN-159-89-0-0
- DNS Associations: Multiple entries for prod-barium-sfo2-65.do.binaryedge.ninja
The relationship graph indicates standard cloud provider infrastructure with DNS associations pointing to a binaryedge.ninja domain.
---
SECURITY RECOMMENDATIONS
Current Action Status: No specific actions required
Recommended Firewall Rules: None generated (low-risk profile)
Monitoring Priorities:
- Monitor SSH port activity for unauthorized access attempts
- Watch for DNS resolution changes
- Track for new blacklist appearances
- Observe neighbor 159.89.132.49 for correlated activity
---
CONCLUSION
IP 159.89.132.71 represents a benign DigitalOcean cloud infrastructure endpoint. The low risk score, clean subnet classification, absence of threat indicators, and stable historical observations support continued monitoring without immediate blocking or escalation. No defensive action is warranted based on current intelligence.
---
Data Source: IPDebrief Intelligence Platform
Analysis Methodology: Multi-dimensional threat assessment including profile, history, relationships, and neighborhood analysis
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DIGITALOCEAN-159-89-0-0 |
| CIDR Block | 159.89.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | prod-barium-sfo2-65.do.binaryedge.ninja |
| Forward Confirmed | Yes, FCrDNS verified |
| Forward Hostnames | prod-barium-sfo2-65.do.binaryedge.ninja |
DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 21% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-06-03 12:20:58 UTC |
| Last Seen | 2026-06-21 10:12:21 UTC |
| Profile Built | 2026-06-21 10:20:46 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 24 |