IP Intelligence Briefing: 186.64.95.45
*Generated via IPDebrief Analysis*
---
**Key Profile Summary**
- Risk Score: 65 (Moderate Risk)
- Ownership: Registered to NODOSUD S.A (AS27953) in Argentina (AR).
- Geolocation: Laboulaye, Argentina (latitude -34.23, longitude -63.43).
- Network Role: Firewalled / No Services (no open ports, TLS/HTTP services not detected).
- Threat Indicators: No direct malicious activity detected (no known attackers, spam, or Tor exit nodes).
- DNS: Associated with `host45.186-64-95.nodosud.com.ar` (PTR record). No email authentication (SPF/DMARC) detected.
---
**Observation History (Last 30 Days)**
- Threat Feed Listings: Listed in 2 out of 8 threat feeds (high-severity categories).
- Stability: No ownership changes; IP has remained under NODOSUD S.A.
- Behavioral Signals: No honeypot hits or enumeration activity detected.
---
**Network Relationships**
- Subnet: Part of 186.64.64.0/19 (NODOSUD S.A. CIDR block).
- DNS Associations: Linked to 5 instances of `host45.186-64-95.nodosud.com.ar`.
- BGP: Prefix `186.64.95.0/24` with AS27953. DNSSEC validated.
---
**Neighborhood Analysis**
- Subnet Abuse Density: 0% (low risk).
- Neighbor IPs:
  - 186.64.95.27 (40 risk score)
  - 186.64.95.31 (40 risk score)
  - 186.64.95.39 (40 risk score)
  - 186.64.95.47 (40 risk score)
- All neighbors show moderate risk, suggesting potential for lateral movement or shared infrastructure.
---
**Recommended Actions**
1. Monitor Subnet: Track activity in 186.64.64.0/19 for anomalies, as neighbors exhibit moderate risk.
2. DNS Monitoring: Investigate `host45.186-64-95.nodosud.com.ar` for potential command-and-control or phishing ties.
3. Firewall Rules: Consider blocking or monitoring traffic from this IP based on organizational risk tolerance.
4. Threat Feed Cross-Check: Verify listings in threat feeds (e.g., AlienVault OTX) for context.
---
Conclusion: This IP is associated with a local Argentine ISP and shows no direct malicious activity. However, its subnet contains moderate-risk neighbors, warranting closer scrutiny. SOC teams should prioritize monitoring DNS and network behavior while aligning with organizational threat thresholds.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | NODOSUD S.A |
| ASN | AS27953 |
| Network Name | 186.64.64.0 - 186.64.95.255 |
| CIDR Block | 186.64.64.0/19 |
| RIR | LACNIC |
| Country | AR |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR | host45.186-64-95.nodosud.com.ar |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | host45.186-64-95.nodosud.com.ar |
**DNS Hygiene**
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
**Network Classification**
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline** (Live)
| First Seen | 2026-05-25 18:47:33 UTC |
| Last Seen | 2026-06-10 23:56:08 UTC |
| Profile Built | 2026-06-11 00:07:36 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 24 |