IP Intelligence Briefing: 186.45.131.188
Date: 2026-06-07
---
**1. Core Profile**
- Risk Score: 70 (High Risk)
- Ownership:
  - ISP: Telecommunication Services of Trinidad and Tobago (ASN 5639)
  - Geolocation: Arima, Trinidad and Tobago (10.64°N, -61.28°E)
  - Network: Residential ISP subnet (186.44.0.0/15)
- Threat Indicators:
  - No direct malicious activity (no known campaigns, spam, or attacker listings).
  - DNS: Resolves to `186-45-131-188.dynamic.tstt.net.tt` (residential).
  - DNSBL: Listed in 3/8 DNSBLs (low abuse confidence).
- Network Role: Residential endpoint (no CDN, cloud, or proxy indicators).
---
**2. Observation History**
- Latest Activity (2026-06-07):
  - DNSBL listings (3/8 lists) with moderate severity.
  - Subnet abuse density: 0.5 (mostly clean, but 1/2 siblings flagged).
- Long-Term Trends:
  - 18 observations over 30 days; no persistent malicious behavior.
  - Geolocation consistent (Arima, Trinidad and Tobago).
  - No TLS/certificates or open ports detected.
---
**3. Network Relationships**
- Subnet: 186.44.0.0/15 (TSTT residential network).
- Neighbors:
  - 186.45.131.193 (risk score 55, moderate risk).
- ISP Connections:
  - Linked to TSTT's infrastructure (ASN 5639).
  - No CDN/cloud/hosting indicators.
---
**4. Neighborhood Analysis**
- Subnet Abuse Density: 0 (low risk).
- Neighbor Risk:
  - 1/1 sibling IP (186.45.131.193) has moderate risk.
- ISP-Wide Risk: TSTT's network has no systemic abuse flags.
---
**5. Threat Assessment**
- Likelihood of Malicious Activity: Low.
- Key Risks:
  - DNSBL listings (potential spam or phishing sources).
  - Neighbor IP (186.45.131.193) requires further investigation.
- Mitigation Recommendations:
  - Monitor DNS traffic for unusual patterns.
  - Investigate neighbor IP for potential lateral movement or shared compromise.
  - Consider allowing traffic unless specific suspicious activity is detected.
---
Conclusion:
This IP is a residential endpoint under TSTT, with no direct malicious indicators. However, its DNSBL listings and a moderate-risk neighbor warrant closer monitoring. SOC teams should prioritize investigating the neighbor IP and ensure DNS traffic is scrutinized for anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Telecommunication Services of Trinidad and Tobago |
| ASN | AS5639 |
| Network Name | - |
| CIDR Block | - |
| RIR | LACNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 186-45-131-188.dynamic.tstt.net.tt |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 186-45-131-188.dynamic.tstt.net.tt |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Residential |
| Service Purpose | Residential Endpoint |
| Network Tier | End-User (Residential ISP endpoint) |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 42% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 13% | 1 | 1 |
| Overall | 23% | 8 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-16 02:54:55 UTC |
| Last Seen | 2026-06-07 19:03:10 UTC |
| Profile Built | 2026-06-07 19:24:15 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 22 |