IP INTELLIGENCE BRIEFING: 64.181.238.10/32
Classification: Low Risk / Oracle Cloud Infrastructure
---
EXECUTIVE SUMMARY
The IP address 64.181.238.10 is a low-risk infrastructure asset belonging to Oracle Corporation (AS31898), operating within Oracle Cloud infrastructure in San Jose, California. The asset presents a risk score of 25/100 with no known malicious activity, zero blacklist entries, and no association with threat campaigns. The IP operates as a single-service host within Oracle's SLDC (Service Level Data Center) network.
---
OWNERSHIP AND INFRASTRUCTURE
Organization: Oracle Corporation
ASN: 31898
BGP Prefix: 64.181.224.0/19
Network Type: CloudCompute
Geolocation: United States, California, San Jose
Infrastructure Classification: Oracle Cloud (SLDC-1)
The IP is classified as cloud infrastructure with a provider score of 0 and authority score of 0. Ownership stability shows no changes, and the asset maintains consistent registration within the ARIN registry.
---
THREAT INDICATORS ASSESSMENT
| Indicator | Status |
|---|---|
| Risk Score | 25/100 (Low) |
| Threat Observations | 0 |
| Threat Persistence Days | 0 |
| Blacklist Count | 0 |
| Tor Exit Node | No |
| Known Attacker | No |
| Spam Source | No |
| Known Campaigns | None |
Control Plane Analysis:
- DNSSEC: Valid
- Operator Score: 0.1304 (Minimal)
- DNSBL Listed: 1 of 8 total lists
- Route Stability: Unstable (0 route changes in 30 days)
- RPKI State: Not validated
---
NETWORK SERVICES
The IP presents an open SSH service on port 22/tcp with banner: "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15". No HTTP/HTTPS services are active. TLS certificates are not present, and no reverse DNS records are configured.
---
NEIGHBORHOOD ANALYSIS
Subnet: 64.181.238.10/24
- Abuse Density: 0% (Clean)
- Classification: Clean
- Total Siblings: 1
- Active Siblings: 1
- Threat Siblings: 0
The immediate /24 subnet demonstrates no abuse activity and contains only one active IP address, indicating a contained cloud infrastructure deployment.
---
RELATIONSHIP GRAPH
The IP maintains 17 documented relationships, all classified as "Same Network" associations with ORCL-SLDC-1. This confirms the asset operates within Oracle's SLDC infrastructure network and is part of a larger cloud compute environment.
---
HISTORY AND TEMPORAL ANALYSIS
Observation Count: 18 total signals
Most Recent Activity: 2026-06-20
Historical analysis shows:
- No persistent malicious behavior observed
- Zero threat observation events
- Zero threat persistence days
- No ownership changes detected
- Standard port scanning activity recorded during recent observations
The IP's risk profile remains stable with no escalation in threat indicators over time.
---
RECOMMENDATIONS
Based on the risk profile, the following actions are recommended:
1. Allow List Consideration: The low risk score (25), clean neighborhood classification, and Oracle Corporation ownership suggest this IP is legitimate cloud infrastructure. Consider allowing traffic if it appears in legitimate business communications.
2. Monitor DNSBL Presence: The IP is listed on 1 of 8 DNSBL lists. Monitor for changes in blacklist status and investigate the specific list for context.
3. SSH Traffic Review: Review SSH port 22 traffic patterns to ensure they align with expected Oracle Cloud operations.
4. No Block Action Required: Current threat indicators do not warrant blocking. The IP is classified as low risk with no active threat associations.
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Oracle Corporation |
| ASN | AS31898 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No (PTR hostname does not resolve back to this IP; weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Single-Service Host |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |

| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 18% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 18% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-16 14:59:35 UTC |
| Last Seen | 2026-06-28 03:46:21 UTC |
| Profile Built | 2026-06-29 03:51:36 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 23 |