# IP INTELLIGENCE BRIEFING
Target: 134.209.101.17/32
Classification: Low-Risk Cloud Infrastructure
Date: 2026-06-21
## EXECUTIVE SUMMARY
Target IP 134.209.101.17 operates as a low-risk DigitalOcean cloud infrastructure endpoint located in Singapore. The IP demonstrates minimal threat exposure with a risk score of 25/100. Historical signals indicate stable, benign behavior with no persistent malicious activity detected. The subnet exhibits clean classification with minimal abuse density.
## OWNERSHIP & GEOLOCATION
- Organization: DigitalOcean, LLC (ASN 14061)
- Network: DIGITALOCEAN-134-209-0-0 (134.209.0.0/16)
- Location: Singapore (1.35°N, 103.82°E)
- Registration: ARIN
- Infrastructure Type: Cloud Compute / Hosting
## THREAT ASSESSMENT
| Metric | Value |
|---|---|
| Risk Score | 25 (Low Risk) |
| Reputation | Low Risk |
| Threat Persistence | 0 days |
| Campaign Likelihood | None |
| Blacklist Count | 1 (of 8 total lists) |
| Known Campaigns | None |
| Is Tor Exit | False |
## NETWORK PROFILE
- Status: Firewalled / No Services Open
- HTTP Response: 502 Bad Gateway
- Server Fingerprint: nginx/1.18.0
- DNS: SPF and DMARC records present
- Control Plane: DNSBL listed on 1/8 lists
- Route Stability: Unstable (route changes detected)
## NEIGHBORHOOD ANALYSIS
Subnet 134.209.101.17/24 shows:
- Abuse Density: 1 (mostly_clean classification)
- Inherited Risk: 2
- Active Siblings: 1
- Threat Siblings: 1
- Risk Distribution: No high or medium-risk neighbors detected
## OBSERVATION HISTORY (Recent 20 Signals)
- Last Observed: 2026-06-21T05:40:14 UTC
- Subnet Classification: Mostly clean with minimal inherited risk
- Ownership Stability: No ownership changes detected
- Threat Persistence: None observed
- Geo-location Consistency: Singapore-based signals consistent across probes
## RELATIONSHIP GRAPH
22 relationships identified, all mapping to the parent network DIGITALOCEAN-134-209-0-0. No external entity correlations beyond the hosting provider infrastructure.
## SECURITY RECOMMENDATIONS
1. No immediate blocking required β IP maintains low-risk profile
2. Monitor DNSBL status β 1 listing may warrant periodic review
3. Verify service requirements β Current firewall configuration shows no open ports (nginx/1.18.0 responding with 502)
4. Contextual blocking β Consider geographic restrictions if Singapore access is not required
5. Baseline logging β Establish traffic patterns for anomaly detection
## RISK CONCLUSION
The target IP represents standard cloud infrastructure with minimal malicious indicators. The combination of DigitalOcean hosting, Singapore geolocation, absence of open services, and clean neighborhood classification supports classification as low-risk. No immediate defensive action required unless specific organizational policies restrict cloud provider traffic or Singapore-based IP addresses.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | DIGITALOCEAN-134-209-0-0 |
| CIDR Block | 134.209.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | nginx/1.18.0 |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 27% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 27% | 2 | 3 |
| Overall | 24% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-30 10:57:53 UTC |
| Last Seen | 2026-06-29 07:28:02 UTC |
| Profile Built | 2026-06-29 07:29:55 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 21 |
Full dossier details are available via our API.