IP Intelligence Briefing: 64.23.214.73
Date: 2026-05-31
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Provider: DigitalOcean, LLC (ASN 14061)
- Geolocation: Santa Clara, CA, US (inferred via geolocation signals)
- Network Role: Cloud infrastructure (DigitalOcean)
- Threat Indicators: No malicious activity detected (no indicators, blacklist entries, or campaigns).
---
**2. Observation History**
- Recent Activity (2026-05-31):
  - Geolocation signal with 65% confidence, consistent with US origin.
  - Network operator score of 0.13 (Minimal risk).
  - No changes in threat signals or network behavior observed.
---
**3. Relationships**
- Network Associations:
  - Linked to DigitalOcean's subnet `64.23.128.0/19`.
  - Associated with hostname `mechanicus.census.shodan.io` (Shodan.io infrastructure).
- DNS:
  - PTR record points to `mechanicus.census.shodan.io`.
  - SPF and DMARC records present, suggesting legitimate email setup.
---
**4. Neighborhood Analysis**
- Subnet: `64.23.214.73/24`
- Abuse Density: 0 (no malicious activity in sibling IPs).
- Neighbors: No active or risky IPs in the subnet.
---
**5. Threat Context**
- No Known Threats: No malware, phishing, or exploit activity detected.
- Shodan Link: The hostname `mechanicus.census.shodan.io` suggests this IP may host Shodan's scanning infrastructure, which is generally benign but requires monitoring for unexpected changes.
---
**6. Recommendations**
- Monitor: Track changes in the Shodan hostname's behavior or DNS records.
- Verify: Confirm if the Shodan association is intentional (e.g., internal scanning tools).
- Baseline: Use historical data to detect anomalies in future observations.
Conclusion: This IP is part of DigitalOcean's infrastructure and appears legitimate. No immediate action required, but ongoing monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DigitalOcean, LLC |
| ASN | AS14061 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | mechanicus.census.shodan.io |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | mechanicus.census.shodan.io |
DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 20% | 2 | 3 |
| routing | 8% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 17% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-11 08:59:18 UTC |
| Last Seen | 2026-06-27 19:26:00 UTC |
| Profile Built | 2026-06-28 13:32:34 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 24 |