159.89.51.105
# IP Intelligence Briefing: 159.89.51.105/32
Classification: Low Risk / Cloud Infrastructure
Analysis Date: 2026-06-19
Prepared For: SOC Operations Team
---
## Executive Summary
IP address 159.89.51.105 is a DigitalOcean cloud compute endpoint located in North Bergen, New Jersey, USA. The IP presents a low-risk profile with a risk score of 25/100. No active malicious indicators were observed, and the IP operates as a standard cloud infrastructure asset without open services.
---
## Ownership & Infrastructure
| Attribute | Value |
|---|---|
| **Organization** | DigitalOcean, LLC |
| **ASN** | 14061 |
| **BGP Prefix** | 159.89.48.0/21 |
| **Infrastructure Type** | CloudCompute |
| **Location** | US, NJ, North Bergen |
| **Geolocation Confidence** | 65% |
| **DNSSEC Valid** | Yes |
The IP is part of DigitalOcean's cloud infrastructure with route stability marked as false. The control plane shows an operator score of 0.1304 (Minimal) and the subnet is classified as "mostly_clean" with a 0.5 abuse density rating.
---
## Threat Assessment
Current Risk Score: 25/100 (Low Risk)
| Indicator | Status |
|---|---|
| Tor Exit Node | No |
| Known Attacker | No |
| Spam Source | No |
| Blacklist Count | 0 |
| DNSBL Listed | 1 of 8 |
| Known Campaigns | None |
No threat indicators were detected. The IP is not associated with any known threat campaigns or malicious activity feeds.
---
## Network Services & DNS
Service Status: Firewalled / No Services Detected
| Check | Result |
|---|---|
| Open Ports | None |
| TLS Certificate | No |
| HTTP Title | No |
| Server Banner | No |
| Hosted Domains | 0 |
| PTR Hostnames | None |
| Forward Resolution | Not Confirmed |
Email authentication records (SPF/DMARC) are absent. The IP shows no active service exposure, indicating it is either a backend service or properly hardened cloud instance.
---
## Neighborhood Analysis (159.89.51.0/24)
| Metric | Value |
|---|---|
| Total Siblings | 2 |
| Active Siblings | 2 |
| Threat Siblings | 1 |
| Abuse Density | 0.5 |
| Inherited Risk | 2 |
The /24 subnet contains minimal activity with one threat-adjacent sibling IP (159.89.51.248, Risk Score: 25). The subnet overall remains classified as "mostly_clean."
---
## Historical Observations
Analysis of 20 historical signals (2026-06-14 to 2026-06-19) reveals:
- Ownership Changes: None (0 observed)
- Threat Persistence: 0 days
- Observation Count: 1 threat-related observation
- Persistently Malicious: No
The IP has maintained consistent cloud infrastructure classification throughout the observation period with no escalation in threat posture.
---
## Relationship Graph
21 relationship entries identified, all mapping to "Same Network" targets under the DIGITALOCEAN-159-89-0-0 network block. No external hostname, organization, or certificate relationships were detected beyond the provider network.
---
## Recommended Actions
1. Allow with Monitoring: The IP presents a low-risk profile typical of cloud infrastructure. Standard allow policies are appropriate.
2. Monitor Subnet: One threat-adjacent sibling IP exists in the /24. Monitor for coordinated activity.
3. No Blocking Required: No actionable threat indicators warrant blocking or rate-limiting at this time.
---
Intelligence Confidence: High
Data Sources: IPDebrief Profile, History, Relationships, Neighborhood Analysis
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 22% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 17% | 2 | 3 |
| reputation | 24% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 20% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-12 21:54:06 UTC |
| Last Seen | 2026-06-27 22:00:37 UTC |
| Profile Built | 2026-06-28 16:05:11 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 23 |
Full dossier details are available via our API.