IP Intelligence Briefing: 139.59.132.8
*Generated via IPDebrief tools*
---
**Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: DigitalOcean (ASN 14061)
- Geolocation: Frankfurt, Germany (Hesse)
- Network Role: Cloud infrastructure (multi-service host)
- Services:
- Open ports: HTTP (80/TCP), SSH (22/TCP)
- Server banner: `lighttpd/1.4.59`
- No TLS certificate detected
---
**Threat Indicators**
- No malicious indicators: No malware, phishing, or exploit activity detected.
- DNS Associations: Linked to `leakix.org` (potential monitoring/service discovery).
- BGP/Routing: Stable route with AS-path `57866 14061` (DigitalOcean).
---
**Observation History (30 Days)**
- Consistent behavior:
- No spikes in scan activity or DNS anomalies.
- HTTP server (lighttpd) remains stable with no changes in banners or HTTP responses.
- DNSBL Listings: 2 out of 8 lists (low-severity).
---
**Relationships**
- Network: Part of DigitalOceanβs `DIGITALOCEAN-AP` network (AS14061).
- DNS: Resolves to `a113ac0491.scan.leakix.org` (likely passive monitoring).
- No known campaigns or malicious associations.
---
**Neighborhood Analysis**
- Subnet: `139.59.132.8/24`
- Abuse Density: 1/100 (low risk).
- Neighbors:
- `139.59.132.35` (risk score 25, same provider).
- No high-risk siblings detected.
---
**Recommended Actions**
1. Monitor DNS activity: Investigate `leakix.org` ties for potential passive reconnaissance.
2. Verify SSH access: Ensure SSH credentials are secured, given the public SSH banner.
3. Maintain baseline: No immediate mitigation required due to low risk profile.
---
Note: This IP is associated with legitimate cloud infrastructure. No active threats detected.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Digital Ocean Inc administrator |
| ASN | AS14061 |
| Network Name | DIGITALOCEAN-AP |
| CIDR Block | 139.59.128.0/19 |
| RIR | ARIN |
| Country | DE |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | a113ac0491.scan.leakix.org |
| Forward Confirmed | Yes β FCrDNS verified |
| Forward Hostnames | a113ac0491.scan.leakix.org |
π DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Multi-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 22 | ssh | tcp | |
| Closed Ports | 25, 443, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | lighttpd/1.4.59 |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u7 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 4 |
| routing | 17% | 2 | 3 |
| services | 23% | 2 | 4 |
| ownership | 27% | 3 | 4 |
| reputation | 27% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 26% | 12 | 21 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-09 05:25:27 UTC |
| Last Seen | 2026-06-27 14:50:36 UTC |
| Profile Built | 2026-06-28 08:56:11 UTC |
| Data Freshness | Live |
| Signal Types | 29 |
| Total Observations | 35 |
Full dossier details are available via our API.