159.89.20.134
IP Intelligence Briefing: 159.89.20.134
*Generated via IPDebrief tools (June 17, 2026)*
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Provider: DigitalOcean, LLC (ASN 14061)
- Geolocation: Frankfurt am Main, Hesse, Germany (US country code).
- Network Role: Cloud compute instance (DigitalOcean infrastructure).
- Services: Open SSH (port 22) with banner "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15".
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or known attackers).
---
**2. Observation History**
- Recent Activity:
- Minimal risk score (0.25) observed on June 17 and 13, 2026.
- Stable network behavior with no abrupt changes in routing or services.
- No signs of scanning, phishing, or exploitation attempts.
- Longevity:
- Persistent as a cloud-hosted server with no abrupt ownership changes.
---
**3. Relationships & Network Context**
- Network Affiliation:
- Part of DigitalOceanβs 159.89.0.0/16 subnet.
- No direct links to malicious entities, C2 servers, or known attackers.
- Subnet Analysis:
- 159.89.20.134/24 subnet has zero abuse density and is classified as "mostly clean."
- No neighboring IPs identified (likely a small or isolated subnet).
---
**4. Security Recommendations**
- Monitor SSH: Ensure SSH keys are rotated and access is restricted to authorized users.
- Check for Anomalies: Verify no unexpected outbound connections or service changes.
- Maintain Compliance: Confirm adherence to DigitalOceanβs security policies for cloud instances.
- No Immediate Action Required: No actionable firewall rules or threat mitigation steps needed based on current data.
---
Conclusion:
159.89.20.134 is a legitimate DigitalOcean cloud server with no detected malicious activity. While its moderate risk score warrants routine monitoring, there is no evidence of active threats. Focus on maintaining standard security practices for cloud infrastructure.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting β Infrastructure provider without advanced routing |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 17% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 35% | 2 | 3 |
| Overall | 22% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:50 UTC |
| Last Seen | 2026-06-27 01:01:48 UTC |
| Profile Built | 2026-06-27 15:14:47 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 27 |
Full dossier details are available via our API.