# IP Intelligence Briefing: 134.199.150.223/32
Date: 2026-06-15
Classification: Low Risk / Cloud Infrastructure
Risk Score: 25/100
## Executive Summary
The target IP address 134.199.150.223 is assigned to DigitalOcean, LLC (ASN 14061) within the DIGITALOCEAN-134-199-128-0 network block. Current risk assessment indicates LOW RISK with a score of 25. The IP exhibits cloud infrastructure characteristics with no active services exposed and no current blacklistings. Historical data reveals temporal variability in threat indicators, requiring ongoing monitoring.
## Network Ownership and Classification
- Organization: DigitalOcean, LLC
- ASN: 14061
- Network Block: 134.199.128.0/17
- Infrastructure Type: CloudCompute / Hosting
- Geolocation: Sydney, New South Wales, Australia (AU)
- Provider Status: Cloud provider with hosting services
## Technical Profile
- Open Ports: None (Firewalled / No Services)
- DNS Status: No forward resolution, no PTR records
- Email Authentication: SPF, DMARC, and TXT records not configured
- Certificate Status: No TLS certificates observed
- HTTP Services: No HTTP/HTTPS services detected
- Routing Classification: Is Route Stable: False
## Threat Indicators
- Blacklist Count: 0
- Known Campaigns: None
- Tor Exit Node: False
- Known Attacker: False
- Spam Source: False
- Abuse Confidence Score: Not applicable (no active threats)
- Threat Feeds: Empty
## Behavioral Analysis
- Honeypot Hits: 0
- Enumeration Strikes: 0
- WAF Violations: 0
- Threat Persistence Days: 0
- Persistently Malicious: False
## Observation History Analysis
Historical monitoring reveals 16 observations with notable temporal variability:
Recent Activity (2026-06-15):
- Threat indicators observed with 3 associated pulse signals
- DNSSEC operator score: Minimal (0.1304)
- Geolocation signals indicate potential location inconsistencies
Earlier Activity (2026-06-10):
- Subnet classification: Clean
- Abuse density: 0
- Inherited risk: 0
Analysis: The IP demonstrates signal volatility, transitioning between threat and clean classifications within a single week. This pattern warrants continued observation rather than immediate blocking.
## Neighborhood Assessment
- Subnet: 134.199.150.223/24
- Abuse Density: 0 (Clean)
- Threat Siblings: 0
- High/Medium/Low Risk Neighbors: 0 each
- Network Classification: Clean
The surrounding subnet shows no correlated malicious activity.
## Relationship Graph
- Network Relationships: Multiple relationships to DIGITALOCEAN-134-199-128-0
- Subnet Relationships: None
- Hostname Relationships: None
- Organization Relationships: None
- Certificate Relationships: None
## Recommended Actions
Current Status: No immediate blocking or mitigation actions recommended.
Justification:
1. Risk score of 25 falls within low-risk thresholds
2. No active services detected (reduces attack surface)
3. No current blacklistings or threat indicators
4. Cloud infrastructure context (DigitalOcean)
Monitoring Recommendations:
1. Maintain ongoing observation of threat indicators
2. Monitor for service enumeration attempts
3. Watch for geolocation signal inconsistencies
4. Alert on any transition to "persistently malicious" classification
## SOC Analyst Notes
This IP represents normal cloud infrastructure activity. The low risk score, combined with zero services and clean neighborhood data, indicates legitimate DigitalOcean hosting. The historical threat signals from June 15th may represent transient scanning activity or misattribution. No immediate defensive action required. Continue standard monitoring protocols.
---
Generated by IPDebrief Intelligence Platform
Analysis Toolset: Full profile, history, relationships, neighborhood, and actions assessment
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DIGITALOCEAN-134-199-128-0 |
| CIDR Block | 134.199.128.0/17 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
## TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 36% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 18% | 1 | 2 |
| geolocation | 25% | 2 | 2 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| First Seen | 2026-05-25 00:40:07 UTC |
| Last Seen | 2026-06-29 00:45:51 UTC |
| Profile Built | 2026-06-29 06:48:27 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |