## THREAT INTELLIGENCE BRIEFING
IP Address: 178.128.235.192/32
Classification: Low Risk
Risk Score: 25/100
Date of Analysis: 2026-06-15
---
INFRASTRUCTURE PROFILE
The IP address belongs to DigitalOcean (ASN 14061) and is geolocated to Toronto, Ontario, Canada. The address operates within the 178.128.224.0/20 BGP prefix and is classified as cloud infrastructure with hosting capabilities. No services are actively open on the address, with the system operating in a firewalled state.
THREAT ASSESSMENT
Threat indicators returned empty, with no known attacker flags, spam source designation, or Tor exit node activity. Blacklist enumeration showed zero matches, though a DNSBL listing was detected on 1 of 8 checked feeds. The control plane indicates route stability concerns (isRouteStable: false), and RPKI/IRR consistency data remains unavailable.
NETWORK CONTEXT
The 178.128.235.0/24 subnet exhibits a "mostly_clean" classification with an abuse density of 1. Historical analysis identified 1 threat sibling within the subnet. Neighborhood analysis returned no peer IPs, indicating isolated address usage within this segment.
OBSERVATION HISTORY
Analysis captured 20 signal observations, with the most recent activity dated 2026-06-15. Signals indicate no persistent malicious behavior (threatPersistenceDays: 0, isPersistentlyMalicious: false). Ownership changes remain at zero, suggesting stable infrastructure assignment.
RELATED ENTITIES
Relationship mapping identified only same-network associations with DigitalOcean. No external relationships were detected for subnets, hostnames, organizations, or certificates.
RECOMMENDED ACTIONS
The IP presents low risk with no immediate threat indicators. Standard monitoring protocols apply. No specific firewall rules or blocking recommendations were generated based on the current risk profile.
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | digitalocean |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-21 20:59:37 UTC |
| Last Seen | 2026-06-28 15:40:54 UTC |
| Profile Built | 2026-06-29 03:45:50 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |