# THREAT INTELLIGENCE BRIEFING
## IP Address: 134.209.168.147/32
Classification: Cloud Infrastructure (DigitalOcean) | Risk Level: LOW
### Executive Summary
IP 134.209.168.147 is a DigitalOcean cloud compute instance hosting a web server application. The IP maintains a low-risk profile (risk score: 25) with no active malicious indicators. Infrastructure is classified as cloud-based with standard web services exposed.
### Ownership & Infrastructure
- Organization: DigitalOcean, LLC (ASN 14061)
- BGP Prefix: 134.209.160.0/20
- Location: United States (Clifton, NJ)
- Infrastructure Type: Cloud Compute (Cloud Hosting)
- Route Stability: Unstable routing observed
### Network Services & Configuration
- Open Ports: TCP/80 (HTTP), TCP/443 (HTTPS), TCP/22 (SSH)
- Web Server: nginx
- TLS Certificate: Sectigo Public Server Authentication CA DV R36
- Certificate Subject: *.cloudwaysapps.com
- PTR Hostname: 1622259.cloudwaysapps.com
- DNS Resolution: cloudwaysapps.com
### Threat Indicators
- Abuse Confidence: Not available
- Known Attacker: No
- Spam Source: No
- Tor Exit Node: No
- Known Campaigns: None
- DNSBL Listings: 1 of 8 total lists
- Threat Persistence: Not persistently malicious
- Threat Observation Count: 1
### Observation History
Signal observation history shows 25 recorded observations with minimal recent activity. Geolocation validation remains consistent (US). No significant changes in threat posture observed. ICMP validation attempts were blocked, preventing precise geolocation confirmation.
### Neighborhood Analysis
- Subnet: 134.209.168.0/24
- Abuse Density: 1 (mostly clean classification)
- Risk Inheritance: 2
- Subnet Siblings: 1 active sibling, 1 threat sibling identified
### Relationship Graph
67 network-level relationships identified, primarily to DigitalOcean network prefixes. No significant hostname or certificate relationship anomalies detected.
### Recommended Actions
- Monitoring: Continue standard monitoring; no immediate blocking recommended
- Firewall: Standard cloud infrastructure rules apply
- Alerting: No threat-based alerting required based on current profile
Assessment: This IP represents legitimate cloud infrastructure with typical web hosting characteristics. No actionable threats identified.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
### Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
### DNS Intelligence
| PTR | 1622259.cloudwaysapps.com |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 1622259.cloudwaysapps.com |
### DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
### Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
### Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |

| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | nginx |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u7 |
### TLS Certificate
| SANs | *.cloudwaysapps.com, cloudwaysapps.com |
| Valid From | 2026-03-24T00:00:00+00:00 |
| Valid Until | 2026-09-08T23:59:59+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 168 days |
| Serial Number | 009B708F987840C872F8BA3107B1BE80B7 |
| Thumbprint | 6C279C136F317BAEDEEEEA2E6CD5AABC7627E2E2 |
### Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 25% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
### Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:39 UTC |
| Last Seen | 2026-06-26 22:19:17 UTC |
| Profile Built | 2026-06-27 18:31:28 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 30 |