# IP INTELLIGENCE BRIEFING
- Target: 64.225.120.193/32
- Classification: Cloud Infrastructure IP
- Generated: Current
- Risk Level: LOW (25/100)
---
## EXECUTIVE SUMMARY
Target 64.225.120.193 is a DigitalOcean cloud infrastructure address in Santa Clara, CA. The IP operates within a low-risk profile with minimal threat indicators. Despite low overall risk, the address shows historical threat observations and should be monitored within cloud egress contexts.
---
## OWNERSHIP & GEOLOCATION
| Attribute | Value |
|---|---|
| **Organization** | DigitalOcean, LLC |
| **ASN** | 14061 |
| **CIDR Block** | 64.225.112.0/20 |
| **Location** | Santa Clara, CA, US |
| **RIR** | ARIN |
| **Geolocation Confidence** | Consensus confirmed |
---
## NETWORK CLASSIFICATION
| Attribute | Value |
|---|---|
| **Infrastructure Type** | CloudCompute |
| **Provider** | DigitalOcean |
| **Connection Type** | N/A |
| **DNS Resolved** | No PTR hostnames |
| **HTTP/HTTPS** | No services detected |
| **Open Ports** | None |
| **Tor/Proxy/VPN** | No |
| **Bogon/Anycast** | No |
---
## THREAT INTELLIGENCE
| Metric | Value |
|---|---|
| **Risk Score** | 25 |
| **Abuse Confidence** | Not applicable |
| **Blacklist Count** | 0 |
| **Threat Feeds** | None |
| **Campaign Correlation** | None |
| **Tor Exit Node** | No |
| **Known Attacker** | No |
| **Spam Source** | No |
---
## OBSERVATION HISTORY (24 Signals)
Recent activity concentrated in June 2026:
- 2026-06-20: Multiple routing and geolocation signals (confidence 0.85-0.95)
- 2026-06-15: Cloud infrastructure classification confirmed (DigitalOcean)
- Signal Pattern: Consistent cloud hosting signals with 1 threat observation noted
- Temporal Stability: Ownership unchanged, threat persistence days: 0
---
## NETWORK RELATIONSHIPS
- Total Relationships: 20
- Relationship Type: Same Network (DIGITALOCEAN-64-225-0-0)
- Network Scope: All relationships point to parent DigitalOcean network block
- Network Classification: Established cloud infrastructure network
---
## NEIGHBORHOOD ANALYSIS
| Metric | Value |
|---|---|
| **Subnet** | 64.225.120.193/24 |
| **Abuse Density** | 1 |
| **Total Siblings** | 1 |
| **Active Siblings** | 1 |
| **Threat Siblings** | 1 |
| **Risk Distribution** | High: 0, Medium: 0, Low: 0 |
---
## CONTROL PLANE DATA
| Metric | Value |
|---|---|
| **Origin ASN** | 14061 |
| **Route Stability** | Stable |
| **BGP Prefix** | 64.225.112.0/20 |
| **RPKI State** | Not validated |
| **IRR Consistency** | Match |
| **Route Changes (30d)** | 0 |
| **DNSSEC Valid** | Yes |
---
## SOC RECOMMENDATIONS
1. Firewall Policy: Monitor as cloud egress traffic. No blocking required based on current risk profile.
2. Traffic Analysis: Expect no open ports (firewalled/no services). Focus on traffic patterns rather than port scanning.
3. Historical Context: Review 2026-06-20 threat observation for correlation with other indicators.
4. Network Context: Treat as part of DigitalOcean infrastructure. Correlate with other 64.225.112.0/20 addresses if investigating.
5. Threat Hunting: Monitor for changes in service patterns or risk score increases above 50.
6. DNS Analysis: No DNS resolution activity detected. No SPF/DMARC records applicable.
---
## CONCLUSION
Target 64.225.120.193 is a DigitalOcean cloud compute address with low-risk characteristics. No immediate blocking action warranted. Monitor for service activation or risk score escalation. Correlate with broader DigitalOcean network activity for contextual threat assessment.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | 64.225.112.0/20 |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness.

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 4 |
| routing | 19% | 3 | 4 |
| services | 15% | 2 | 2 |
| ownership | 27% | 3 | 4 |
| reputation | 26% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 23% | 13 | 19 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |

Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-17 03:09:25 UTC |
| Last Seen | 2026-06-28 04:42:48 UTC |
| Profile Built | 2026-06-28 22:47:04 UTC |
| Data Freshness | Live |
| Signal Types | 25 |
| Total Observations | 29 |