INTELLIGENCE BRIEFING: 174.138.9.115
Subject: Cloud Compute Infrastructure Assessment
Classification: Low Risk / Monitor
Date: 2026-06-14
EXECUTIVE SUMMARY
IP address 174.138.9.115 is a low-risk cloud compute endpoint hosted within DigitalOcean's Amsterdam infrastructure. The IP presents minimal threat indicators with a risk score of 25/100. No active malicious campaigns detected.
TECHNICAL PROFILE
- Owner: DigitalOcean, LLC (ASN 14061)
- Location: Amsterdam, North Holland, Netherlands (NL)
- Infrastructure Type: Cloud Compute / Single-Service Host
- Risk Score: 25 (Low Risk)
- Provider Score: 0
- Authority Score: 0
THREAT INDICATORS
- Blacklist Status: Listed on 1 of 8 DNSBLs (non-blocking)
- Threat Sources: None identified
- Known Campaigns: None
- Tor Exit Node: No
- Proxy/VPN: No
NETWORK OBSERVATIONS
- Open Ports: TCP/22 (SSH - OpenSSH_9.6p1 Ubuntu)
- DNS Resolution: No PTR records, no forward resolution
- TLS Certificate: None detected
- HTTP Activity: No active web services
TEMPORAL ANALYSIS
- Observation Count: 18 historical signals
- Latest Activity: 2026-06-14
- Threat Persistence: 0 days
- Ownership Changes: 0
- Status: Not persistently malicious
NEIGHBORHOOD CONTEXT
- Subnet: 174.138.9.0/24
- Abuse Density: 1 (minimal)
- Classification: Mostly Clean
- Risk Distribution: No high or medium risk neighbors
- Active Siblings: 1
- Threat Siblings: 1
RELATIONSHIP MAPPING
- Network affiliation: DIGITALOCEAN-174-138-0-0/20
- Multiple routing relationships to same network prefix
- No external organization associations detected
SOC RECOMMENDATIONS
1. No immediate blocking required - Low risk classification with no active threat indicators
2. Monitor SSH traffic - Open port 22 detected; consider rate-limiting if this IP initiates connections
3. Routine monitoring - Continue standard observation for cloud compute infrastructure
4. Correlation opportunity - Review for any correlation with the 1 DNSBL-listed endpoint in subnet
RISK ASSESSMENT: This IP represents legitimate cloud hosting infrastructure with no evidence of abuse or malicious activity. Standard monitoring procedures apply.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 17% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 17% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-10 22:17:19 UTC |
| Last Seen | 2026-06-27 18:23:30 UTC |
| Profile Built | 2026-06-28 12:28:51 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 21 |