# IP INTELLIGENCE BRIEFING: 24.199.113.81/32
Classification: Low Risk Cloud Infrastructure
Date: 2026-06-28
Prepared For: SOC Analyst Team
---
## EXECUTIVE SUMMARY
IP 24.199.113.81 is a DigitalOcean cloud compute instance located in the Santa Clara, CA region. The address demonstrates low-risk characteristics with no active threat indicators, no known malicious activity, and standard cloud hosting behavior. The IP is classified as firewalled with no detectable open services.
---
## INFRASTRUCTURE PROFILE
| Attribute | Value |
|---|---|
| **ASN** | 14061 (DigitalOcean, LLC) |
| **Organization** | DigitalOcean, LLC |
| **BGP Prefix** | 24.199.112.0/20 |
| **Country** | United States (US) |
| **Region** | California (CA) |
| **City** | Santa Clara |
| **Infrastructure Type** | CloudCompute |
| **Cloud Provider** | DigitalOcean |
---
## RISK ASSESSMENT
- Overall Risk Score: 25/100 (Low Risk)
- Reputation Status: Low Risk
- Abuse Confidence Score: Null (no active abuse signals)
- Blacklist Count: 0
- Known Attacker Status: False
- Spam Source Status: False
- Tor Exit Node: False
- Operator Score: 0.1304 (Minimal)
---
## THREAT INTELLIGENCE
Active Threat Indicators: None detected
- No known malware campaigns correlated
- No threat feed matches
- No observed malicious scans or enumeration strikes
- No honeypot hits recorded
- No WAF violations detected
DNSBL Status: Listed on 1 of 8 total lists
---
## NETWORK BEHAVIOR
- Services Detected: No open ports detected (firewalled/no services)
- TLS Certificate: Not detected
- HTTP Banner: Not detected
- DNS PTR Records: None configured
- Forward Resolution: Not confirmed
- HTTP/2 Support: Not detected
- HSTS Header: Not present
---
## OBSERVATION HISTORY
Total Observations: 19 signals collected
Recent Signal Timeline:
1. 2026-06-28 15:55:24 UTC - Cloud infrastructure classification confirmed (DigitalOcean, is_cloud: true, is_hosting: true, confidence: 0.90)
2. 2026-06-20 13:53:22 UTC - Geolocation probe detected (confidence: 0.30)
3. 2026-06-20 13:49:59 UTC - Multi-signal geolocation inference: US (confidence: 0.65)
4. 2026-06-20 13:47:57 UTC - Operator score measurement (label: Minimal, score: 0.15)
Temporal Analysis:
- Threat persistence days: 0
- Ownership changes: 0
- Is persistently malicious: False
- Threat observation count: 1
---
## NEIGHBORHOOD ANALYSIS
Subnet: 24.199.113.81/24
| Metric | Value |
|---|---|
| **Abuse Density** | 1 |
| **Classification** | Mostly Clean |
| **Total Siblings** | 1 |
| **Active Siblings** | 1 |
| **Threat Siblings** | 1 |
Risk Distribution: No high, medium, or low risk siblings identified in risk distribution.
---
## GEOLOCATION VALIDATION
Data Quality Warning: Geolocation validation failed
- Claimed Location: Santa Clara, CA, US
- Distance Anomaly: 8,857.7 km reported
- RTT Anomaly: 87.0ms observed vs. minimum possible 177.2ms for claimed distance
- GeoPlausible: False
- Probe Count: 5
- Minimum Possible RTT: 177.2ms
*Note: Distance and RTT measurements suggest geolocation data may be inaccurate or the IP is being probed from a distant location.*
---
## RELATIONSHIP GRAPH
Connected Entities: 21 relationships identified
- Network Associations: 21 "Same Network" relationships to DIGITALOCEAN-24-199-64-0 network
- No external organization, hostname, or certificate relationships detected
---
## SECURITY ACTIONS & RECOMMENDATIONS
Current Status: No security actions required
Rationale:
- Risk score (25) falls within acceptable cloud infrastructure baseline
- No active threat indicators present
- No firewall rules or blocking recommendations generated
- IP is classified as standard cloud hosting with firewalled configuration
Recommended Monitoring:
- Continue standard logging for cloud infrastructure
- Monitor for any changes in threat indicators or abuse density
- Review DNSBL listing context if applicable to organizational policy
---
## CONCLUSION
IP 24.199.113.81 represents standard DigitalOcean cloud infrastructure with no malicious activity detected. The address should be treated as low-risk cloud hosting. No immediate blocking or mitigation actions are warranted. Standard logging and monitoring practices apply.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 41% | 2 | 6 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 24% | 10 | 18 |

| Attribute | Value |
|---|---|
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-21 21:00:21 UTC |
| Last Seen | 2026-06-28 15:55:42 UTC |
| Profile Built | 2026-06-29 03:59:38 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 25 |