59.152.12.212
IP Intelligence Briefing: 59.152.12.212
*Generated via IPDebrief tools*
---
**Risk Profile**
- Risk Score: 80 (High Risk)
- Threat Indicators: No direct malicious activity detected, but listed in 5 DNSBLs (DNS Blacklists).
- Network Role: Multi-Service Host (SSH, HTTP-alt open).
- Geolocation: Bangladesh (BD), latitude 23.7, longitude 90.37.
- Ownership: Registered to Masud Reza (ASN 18230, APNIC).
---
**Critical Findings**
1. Open Services:
- SSH (port 22) and HTTP-alt (port 8080) are active.
- Server banner: *Boa/0.94.14rc21*.
2. DNS & TLS Issues:
- No valid TLS certificate.
- DNSSEC validation enabled but CAA records present.
- No SPF/DKIM email authentication.
3. Historical Risk:
- Observed as "Minimal Risk" (score 0.25) in recent scans.
- No persistent malicious activity detected.
4. Network Relationships:
- Linked to ZIPNET-BD network (APNIC).
- No active neighboring IPs in the 59.152.12.0/24 subnet.
---
**Threat Context**
- DNSBL Listings: Flagged in 5/8 DNSBLs, suggesting potential spam or abuse.
- Geolocation Plausibility: Low (geo-consensus false).
- Control Plane: BGP route stability questionable (route changes last 30 days).
---
**Recommended Actions**
1. Monitor Traffic: Investigate SSH and HTTP-alt traffic for anomalies.
2. Block DNSBL IPs: Consider blocking IPs from listed DNSBLs.
3. Verify Ownership: Confirm Masud Rezaβs legitimacy via RDAP.
4. DNS Security: Ensure CAA records are configured to mitigate spoofing.
---
*End of Briefing*
*Generated on 2026-06-07*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Masud Reza |
| ASN | AS18230 |
| Network Name | β |
| CIDR Block | β |
| RIR | APNIC |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Multi-Service Host |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| 8080 | http-alt | tcp | β |
| Closed Ports | 25, 80, 443, 3389, 8443 (2 open / 7 scanned) | ||
| Server | Boa/0.94.14rc21 |
| HTTP Title | β |
| SSH Version | SSH-2.0-dropbear_0.48 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 16% | 1 | 2 |
| geolocation | 13% | 1 | 1 |
| Overall | 22% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-15 20:48:21 UTC |
| Last Seen | 2026-06-26 18:11:29 UTC |
| Profile Built | 2026-06-07 17:57:20 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |
Full dossier details are available via our API.