64.181.238.10

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP INTELLIGENCE BRIEFING: 64.181.238.10/32

Classification: Low Risk / Oracle Cloud Infrastructure

---

EXECUTIVE SUMMARY

The IP address 64.181.238.10 is a low-risk infrastructure asset belonging to Oracle Corporation (AS31898), operating within Oracle Cloud infrastructure in San Jose, California. The asset presents a risk score of 25/100 with no known malicious activity, zero blacklist entries, and no association with threat campaigns. The IP operates as a single-service host within Oracle's SLDC (Service Level Data Center) network.

---

OWNERSHIP AND INFRASTRUCTURE

Organization: Oracle Corporation

ASN: 31898

BGP Prefix: 64.181.224.0/19

Network Type: CloudCompute

Geolocation: United States, California, San Jose

Infrastructure Classification: Oracle Cloud (SLDC-1)

The IP is classified as cloud infrastructure with a provider score of 0 and authority score of 0. Ownership stability shows no changes, and the asset maintains consistent registration within the ARIN registry.

---

THREAT INDICATORS ASSESSMENT

Indicator	Status
Risk Score	25/100 (Low)
Threat Observations	0
Threat Persistence Days	0
Blacklist Count	0
Tor Exit Node	No
Known Attacker	No
Spam Source	No
Known Campaigns	None

Control Plane Analysis:

DNSSEC: Valid
Operator Score: 0.1304 (Minimal)
DNSBL Listed: 1 of 8 total lists
Route Stability: Unstable (0 route changes in 30 days)
RPKI State: Not validated

---

NETWORK SERVICES

The IP presents an open SSH service on port 22/tcp with banner: "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15". No HTTP/HTTPS services are active. TLS certificates are not present, and no reverse DNS records are configured.

---

NEIGHBORHOOD ANALYSIS

Subnet: 64.181.238.10/24

Abuse Density: 0% (Clean)
Classification: Clean
Total Siblings: 1
Active Siblings: 1
Threat Siblings: 0

The immediate /24 subnet demonstrates no abuse activity and contains only one active IP address, indicating a contained cloud infrastructure deployment.

---

RELATIONSHIP GRAPH

The IP maintains 17 documented relationships, all classified as "Same Network" associations with ORCL-SLDC-1. This confirms the asset operates within Oracle's SLDC infrastructure network and is part of a larger cloud compute environment.

---

HISTORY AND TEMPORAL ANALYSIS

Observation Count: 18 total signals

Most Recent Activity: 2026-06-20

Historical analysis shows:

No persistent malicious behavior observed
Zero threat observation events
Zero threat persistence days
No ownership changes detected
Standard port scanning activity recorded during recent observations

The IP's risk profile remains stable with no escalation in threat indicators over time.

---

RECOMMENDATIONS

Based on the risk profile, the following actions are recommended:

1. Allow List Consideration: The low risk score (25), clean neighborhood classification, and Oracle Corporation ownership suggest this IP is legitimate cloud infrastructure. Consider allowing traffic if it appears in legitimate business communications.

2. Monitor DNSBL Presence: The IP is listed on 1 of 8 DNSBL lists. Monitor for changes in blacklist status and investigate the specific list for context.

3. SSH Traffic Review: Review SSH port 22 traffic patterns to ensure they align with expected Oracle Cloud operations.

4. No Block Action Required: Current threat indicators do not warrant blocking. The IP is classified as low risk with no active threat associations.

---

END OF BRIEFING

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇺🇸 United States
Region	CA
City	San Jose
Timezone	—
Latitude	37.24
Longitude	-121.79

🏢 Ownership & Registration

Organization	Oracle Corporation
ASN	AS31898
Network Name	—
CIDR Block	—
RIR	ARIN
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Infrastructure / Datacenter
Service Purpose	Single-Service Host
Network Tier	Hosting — Infrastructure provider without advanced routing

CloudHosting

🔌 Services & Open Ports

Port	Service	Protocol	Banner
22	ssh	tcp	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15
Closed Ports	25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned)

Server	—
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	27%	2	3
routing	8%	1	1
services	15%	2	2
ownership	20%	2	3
reputation	18%	1	2
geolocation	19%	2	2
Overall	18%	10	13

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-16 14:59:35 UTC
Last Seen	2026-06-28 03:46:21 UTC
Profile Built	2026-06-29 03:51:36 UTC
Data Freshness	Live
Signal Types	18
Total Observations	23

🔍 18 signal types · 23 observations collected

This report is generated from 18+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

64.181.238.10📋 Copy