134.209.235.25

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP INTELLIGENCE BRIEFING: 134.209.235.25/32

Target Profile

IP 134.209.235.25 is a cloud infrastructure endpoint operated by DigitalOcean, LLC (ASN: 14061) with geolocation anchored to Frankfurt am Main, Germany. The IP resolves to PTR hostname `portscanner-fra1-03.prod.cyberresilience.io` and is associated with the cyberresilience.io domain. The subnet is classified as cloud hosting infrastructure with firewalled/no-services status.

Risk Assessment

Overall risk score: 25 (Low Risk). The IP maintains stable BGP routing through AS37100→14061 with a 5,002-day delegation age and stable route history. Control plane data indicates RPKI validation and DNSSEC compliance. The IP appears on one DNSBL list out of eight total checks.

Network Context & Neighborhood

The /24 subnet (134.209.235.0/24) shows an abuse density of 0.0 with "mostly_clean" classification. One neighboring IP, 134.209.235.211, presents elevated risk (score: 65). The target IP's subnet contains 2 total siblings with 1 active and 1 threat-associated sibling.

Historical Observations

Signal history contains 31 observations with the latest signals recorded 27 June 2026. Operator score remains consistent at 0.4348 ("Basic" label). The IP demonstrates persistent cloud infrastructure classification with no observed ownership changes or threat persistence days. Recent observations confirm stable routing and cloud hosting attributes.

Threat Indicators

No active threat indicators detected:

No blacklist entries (0/8)
No Tor exit node association
No known campaign matches
No active threat feeds
No open ports or service banners

Email & DNS Reputation

DNS forward resolution confirmed. Email authentication includes SPF and DMARC records. No TLS certificates detected. PTR hostname suggests the IP is utilized for port scanning activities within the cyberresilience.io infrastructure.

Recommended Actions

No immediate firewall rules or blocking actions recommended. The IP exhibits low-risk characteristics consistent with legitimate cloud hosting operations. Monitor the associated neighbor IP 134.209.235.211 for potential correlated activity.

Classification: LOW RISK / CLOUD INFRASTRUCTURE

Provider: DigitalOcean, LLC (Frankfurt)

Status: Operational, No Active Threat Indicators

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇩🇪 Germany
Region	HE
City	Frankfurt am Main
Timezone	Europe/Berlin
Latitude	50.12
Longitude	8.68

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	134.209.224.0/20
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	portscanner-fra1-03.prod.cyberresilience.io
Forward Confirmed	Yes — FCrDNS verified
Forward Hostnames	`portscanner-fra1-03.prod.cyberresilience.io`

🔐 DNS Hygiene

Hygiene Score	100% (Excellent)
SPF	Present
DMARC	Present
FCrDNS	Verified
DNSSEC	Valid
CAA	Present

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Firewalled / No Services
Network Tier	Tier 3 — Basic operator with some routing infrastructure

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	24%	2	3
services	20%	2	4
ownership	24%	3	4
reputation	24%	1	3
geolocation	23%	2	2
Overall	23%	12	20

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (70%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-11 08:57:35 UTC
Last Seen	2026-06-27 19:02:09 UTC
Profile Built	2026-06-28 19:08:13 UTC
Data Freshness	Live
Signal Types	26
Total Observations	34

🔍 26 signal types · 34 observations collected

This report is generated from 26+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

134.209.235.25📋 Copy