134.209.27.156

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

# IP Intelligence Briefing: 134.209.27.156

Classification: Low Risk – Cloud Infrastructure Asset

Date of Assessment: 2026-06-26

Intel Level: Routine Observation

---

## Executive Summary

IP 134.209.27.156 is a DigitalOcean cloud infrastructure endpoint located in Slough, England (GB). Current threat indicators indicate minimal risk with a risk score of 0. The IP operates standard web services (HTTP/HTTPS) and SSH. No active threat campaigns, blacklisting, or malicious indicators detected in observation history.

---

## Ownership & Network Classification

Organization: DigitalOcean, LLC (ASN 14061)
Infrastructure Type: Cloud (DigitalOcean)
Geolocation: Slough, England, GB
BGP Prefix: 134.209.16.0/20
Route Stability: Unstable (route changes detected)

---

## Observed Services

Port	Protocol	Service	Status
22	TCP	SSH	Open (OpenSSH_9.2p1 Debian)
80	TCP	HTTP	Open
443	TCP	HTTPS	Open

---

## Threat Intelligence Signals

Risk Score: 0 (Low Risk)
Blacklist Count: 0
Abuse Confidence Score: Not applicable
Tor Exit Node: No
Known Attacker: No
Spam Source: No
Active Threat Campaigns: None identified

---

## Neighborhood Analysis (134.209.27.0/24)

Abuse Density: 1 (Minimal)
Classification: Mostly Clean
Threat Siblings: 1
Active Siblings: 0
Inherited Risk: 2 (Low)

---

## Historical Observations

Total Observations: 21 signals recorded
Observation Window: Recent data from 2026-06-26
Key Findings: Cloud infrastructure consistently identified; occasional connection failures observed; no persistent malicious behavior detected

---

## Relationships & Correlations

Network Association: Multiple same-network relationships to DIGITALOCEAN-134-209-0-0
Related Entities: Primarily network-level associations within DigitalOcean infrastructure

---

## Recommended Actions

Based on current risk profile, no immediate blocking actions are recommended. The IP exhibits characteristics of legitimate cloud infrastructure.

Suggested Monitoring:

Track SSH connection patterns (port 22)
Monitor for any changes in network role classification
Observe neighborhood for emerging threats

Firewall Decision: Allow with logging; no block recommended.

---

Analyst Notes: This IP represents standard DigitalOcean hosting infrastructure. Risk assessment supports continued monitoring without restrictive firewall rules.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇬🇧 United Kingdom
Region	England
City	Slough
Timezone	Europe/London
Latitude	51.52
Longitude	-0.62

🏢 Ownership & Registration

Organization	DigitalOcean, LLC
ASN	AS14061
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Web Server
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u10
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u10

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	36%	2	4
routing	8%	1	1
services	28%	2	3
ownership	24%	2	3
reputation	30%	1	3
geolocation	35%	2	3
Overall	27%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-12 09:40:06 UTC
Last Seen	2026-06-27 21:07:35 UTC
Profile Built	2026-06-28 15:13:03 UTC
Data Freshness	Live
Signal Types	20
Total Observations	24

🔍 20 signal types · 24 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

134.209.27.156📋 Copy