139.59.112.125

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 139.59.112.125/32

Date: Current

Classification: Low Risk

Status: Active Monitoring

## Executive Summary

IP address 139.59.112.125 is a DigitalOcean cloud infrastructure endpoint located in Singapore. Current risk assessment scores 25 (Low Risk) with no active threat indicators. The IP operates within a cloud compute environment with no open services detected. Historical analysis indicates persistent cloud hosting with stable network routing.

## Profile Overview

Attribute	Value
IP Address	139.59.112.125/32
Risk Score	25 (Low Risk)
ASN	14061
Organization	Digital Ocean Inc administrator
Location	Singapore, SG
Geolocation Confidence	0.65 (30km radius)
Network Type	Cloud Compute
Infrastructure Type	Cloud Hosting

## Threat Assessment

Current Indicators:

Blacklist Count: 0
Abuse Confidence Score: Not reported
Tor Exit Node: False
Known Attacker: False
Spam Source: False
DNSBL Listings: 1 of 8 lists

Network Classification Flags:

Cloud Infrastructure: Yes
CDN: No
VPN/Proxy: No
Residential: No
Bogon: No
Anycast: No

## Service & DNS Analysis

Open Ports: None detected

Service Status: Firewalled / No Services

DNS Resolution: No forward resolution confirmed

PTR Records: None

Email Authentication: SPF/DMARC not configured

DNSBL Status: Listed on 1 of 8 monitored blacklists (specific listing data available via RDAP)

## Neighborhood Analysis

Subnet: 139.59.112.0/24

Abuse Density: 0.5 (Moderate)
Classification: Mostly Clean
Total Siblings: 2
Active Siblings: 2
Threat Siblings: 1

Neighbor Risk Distribution:

High Risk: 0
Medium Risk: 0
Low Risk: 1

Notable Neighbor: 139.59.112.10 (Risk Score: 25, Authority Score: 50)

## Historical Observation Summary

Total Observations: 24 signals recorded

Observation Period: Multiple dates spanning recent history

Key Historical Signals:

Neighborhood classification consistently "mostly_clean" with inherited risk level 2
Operator score maintained at 0.3043 (Basic)
Route stability confirmed (True)
No persistent malicious behavior detected
Threat observation count: 1

Temporal Analysis:

No ownership changes recorded
Not persistently malicious
Route changes in 30 days: 0

## Relationship Graph

Network Associations: 33 relationships identified

Primary association: DIGITALOCEAN-AP network
All relationships classified as "Same Network"
No external entity links detected (subnets, hostnames, organizations, certificates)

## Recommended Actions

Security Recommendations: None currently required based on risk profile

Firewall Rules: Not applicable (low risk, no open services)

Monitoring Priority: Standard

Continue routine traffic monitoring
No immediate blocking or rate-limiting actions recommended
Monitor for changes in risk profile or threat indicators

## Intelligence Conclusion

The IP 139.59.112.125 represents a standard DigitalOcean cloud hosting endpoint with low-risk characteristics. The absence of open ports, combined with the low risk score and clean neighborhood profile, suggests legitimate cloud service usage. No immediate defensive action required. SOC teams should maintain standard monitoring protocols and review if any behavioral anomalies emerge in traffic patterns.

Analyst Notes: This IP appears to be part of normal cloud infrastructure operations. The single threat sibling in the neighborhood warrants awareness but does not indicate direct correlation with this endpoint.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇸🇬 Singapore
Region	—
City	Singapore
Timezone	Asia/Singapore
Latitude	1.35
Longitude	103.82

🏢 Ownership & Registration

Organization	Digital Ocean Inc administrator
ASN	AS14061
Network Name	—
CIDR Block	139.59.112.0/20
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Multi-Service Host
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13
Closed Ports	25, 443, 3389, 8080, 8443 (2 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	17%	2	3
services	35%	2	3
ownership	24%	3	4
reputation	24%	1	3
geolocation	23%	2	2
Overall	25%	12	19

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-08 23:18:04 UTC
Last Seen	2026-06-27 14:13:59 UTC
Profile Built	2026-06-28 08:19:39 UTC
Data Freshness	Live
Signal Types	25
Total Observations	30

🔍 25 signal types · 30 observations collected

This report is generated from 25+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

139.59.112.125📋 Copy