24.199.119.136
IP Intelligence Briefing: 24.199.119.136
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Provider: DigitalOcean, LLC (ASN 14061)
- Geolocation: Santa Clara, CA, US (GeoConsensus: True)
- Network Role: CloudCompute (Firewalled / No Services)
- Threat Indicators: No direct indicators (e.g., no malware, spam, or attack campaigns). However, historical observations show 1 threat signal with 4 pulse counts (likely benign, per provider data).
---
**2. Observation History**
- Recent Activity:
- 2026-06-08: Detected as "Moderate Risk" with 0.75 confidence (reputation score 0, 4 pulse counts).
- 2026-06-05: Minimal operator risk (0.13 score) and DNSSEC validation.
- 2026-05-31: Subnet abuse density: 1/256 (mostly clean).
- Trend: No persistent malicious activity; risk score stable.
---
**3. Relationships & Neighbors**
- Network Affiliation: Part of DigitalOceanβs `24.199.112.0/20` subnet.
- Neighbors: No active or risky sibling IPs in the /24 subnet (abuse density: 1/256).
- Linked Entities: No known malicious relationships (e.g., C2 servers, botnets).
---
**4. Security Actions**
- Recommended Mitigations:
- Firewall Rules:
```bash
iptables -A INPUT -s 24.199.119.136 -j DROP
nft add rule inet filter input ip saddr 24.199.119.136 drop
```
- WAF Rules:
- Cloudflare: `{"action":"block","expression":"ip.src eq 24.199.119.136"}`
- AWS WAF: `"Addresses":["24.199.119.136/32"]`
- Note: No specific actionable threats detected, but monitoring is advised due to historical "has_threats" flag.
---
**5. Summary**
24.199.119.136 is a DigitalOcean cloud instance with moderate risk. While no direct malicious indicators exist, historical data suggests potential benign anomalies (e.g., 4 pulse counts). The subnet has low abuse density, and no risky neighbors. SOC teams should monitor for unexpected behavior but may not require immediate action unless further anomalies are detected.
Next Steps: Validate historical "has_threats" signals with additional context; consider blocking the IP if it becomes active in suspicious activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | β |
| CIDR Block | 24.199.112.0/20 |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 24% | 2 | 3 |
| services | 8% | 1 | 1 |
| ownership | 35% | 3 | 6 |
| reputation | 28% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 26% | 11 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-17 03:08:38 UTC |
| Last Seen | 2026-06-28 04:28:21 UTC |
| Profile Built | 2026-06-28 22:32:59 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 25 |
Full dossier details are available via our API.