IP Intelligence Briefing: 64.62.156.210
Date: 2026-06-11
---
**1. Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider: Hurricane Electric (AS13650)
- Ownership: Managed by *The Shadowserver Foundation, Inc.* (AS6939)
- Geolocation: Boston, Massachusetts, US
- Threat Indicators: No malicious activity detected; no known campaigns, spam, or blacklisted associations.
---
**2. Network & Infrastructure**
- Network Role: Firewalled / No Services (no open ports or TLS certificates detected).
- DNS:
  - PTR record: `scan-88-8.shadowserver.org`
  - Forward DNS: `210.0-24.156.62.64.in-addr.arpa`
- Subnet: `64.62.156.0/24` (abuse density: 3.8%).
- Neighbors: 52 IPs in subnet; 2 high-risk, 21 medium-risk, 29 low-risk.
---
**3. Observation History**
- Recent Activity (Last 30 Days):
  - DNS records consistently linked to *shadowserver.org* (secure SPF/DMARC configuration).
  - BGP prefix `64.62.128.0/17` associated with Hurricane Electric.
  - No spikes in threat signals or anomalous traffic.
---
**4. Relationships & Context**
- Linked Entities:
  - Subnet: `HURRICANE-CE2897-4295868A` (Hurricane Electric).
  - DNS: `shadowserver.org` (cybersecurity organization focused on threat intelligence).
- No malicious connections detected; all relationships are benign or infrastructure-related.
---
**5. Recommendations**
- Monitor Subnet: The `64.62.156.0/24` subnet contains 2 high-risk IPs; investigate potential lateral movement or shared infrastructure risks.
- Verify DNS: Confirm the legitimacy of `shadowserver.org` DNS records, as the IP is part of a known security organization.
- Baseline Traffic: Establish baseline behavior for this IP, as it appears to be a static, non-interactive system.
Conclusion: This IP is part of a legitimate cybersecurity infrastructure (Shadowserver Foundation) with no current malicious indicators. However, its subnet contains some risky neighbors, warranting further scrutiny.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | The Shadowserver Foundation, Inc. |
| ASN | AS6939 |
| Network Name | HURRICANE-CE2897-4295868A |
| CIDR Block | 64.62.156.0/24 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 210.0-24.156.62.64.in-addr.arpa |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | scan-88-8.shadowserver.org, 210.0-24.156.62.64.in-addr.arpa |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | 1/2 domains |
| DMARC | 1/2 domains |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
| Domains Checked | 2 domains |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown (insufficient routing data to classify) |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |

| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) |
| Server | lighttpd/1.4.74 |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-26 12:52:23 UTC |
| Last Seen | 2026-06-11 05:29:05 UTC |
| Profile Built | 2026-06-11 06:14:31 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 27 |