# IP Intelligence Briefing: 200.229.252.75/32
Classification: Moderate Risk
Date: Current Analysis
---
## Executive Summary
IP address 200.229.252.75 is assigned to ASN 52465 (Carcamo German Rodrigo) and geolocates to Rosario, Argentina (AR). The asset presents a moderate risk profile (score: 55/100) with no active threat indicators detected. The IP operates in a subnet exhibiting mixed classification characteristics with elevated abuse density. No services or open ports were detected during analysis.
---
## Technical Profile
| Attribute | Value |
|---|---|
| **Risk Score** | 55/100 (Moderate) |
| **ASN** | 52465 |
| **Organization** | Carcamo German Rodrigo |
| **Country** | Argentina (AR) |
| **City** | Rosario |
| **CIDR Block** | 200.229.252.0/24 |
| **Network Role** | Firewalled / No Services |
| **DNS Resolution** | Not Resolved |
| **Blacklist Count** | 0 |
| **Known Attacker** | False |
| **Spam Source** | False |
---
## Neighborhood Analysis
The 200.229.252.0/24 subnet demonstrates elevated activity patterns:

- Abuse Density: 0.375 (moderate)
- Total Subnet Siblings: 8
- Active Siblings: 3
- Threat Siblings: 3
- Risk Distribution: 7 medium-risk neighbors, 0 high-risk neighbors

Notable adjacent IPs with elevated risk scores include:

- 200.229.252.72 (Risk: 70)
- 200.229.252.73 (Risk: 55)
- 200.229.252.79 (Risk: 55)

The subnet's mixed classification suggests that legitimate and potentially compromised endpoints coexist within the same address block.
---
## Observation History
Analysis of signal history reveals 19 observations across the monitoring period. Key temporal signals include:

- 2026-06-25: Multiple signal observations recorded with confidence levels ranging from 0.20 to 0.52
- 2026-06-04: Geolocation inference confirmed Argentina (AR) with 52% confidence

The IP demonstrates threat persistence of 0 days and is not classified as persistently malicious.
---
## Network Relationships
Relationship mapping identifies 12 connections, all representing same-network relationships to the 200.229.252.0/24 range (200.229.252.0 - 200.229.255.255). No external organization, hostname, or certificate relationships were detected.
---
## Control Plane Assessment
- Origin ASN: 52465
- BGP Prefix: 200.229.252.0/24
- RPKI State: Not available
- Route Stability: False
- DNSSEC Valid: True
- DNSBL Listed: 3 of 8 total lists
---
## Recommended Actions
Based on the elevated risk score (55/100), the following security actions are recommended:
### Monitoring
- Increase logging verbosity for traffic from this IP
- Review recent activity patterns within the subnet
### Firewall Rules
iptables:
```
iptables -A INPUT -s 200.229.252.75 -j DROP
```
nftables:
```
nft add rule inet filter input ip saddr 200.229.252.75 drop
```
nginx:
```
deny 200.229.252.75;
```
pfSense:
```
200.229.252.75/32
```
Cloudflare WAF:
```json
{
  "description": "Block 200.229.252.75 - IPDebrief risk score 55",
  "action": "block",
  "filter": {
    "expression": "ip.src eq 200.229.252.75"
  }
}
```
AWS WAF:
```json
{
  "Addresses": ["200.229.252.75/32"],
  "Description": "IPDebrief risk 55"
}
```
---
## Assessment Notes
The IP address presents moderate risk due to its presence in a subnet with mixed abuse characteristics. While no direct threat indicators were detected for this specific IP, the neighborhood context suggests potential lateral risk. Recommended action is to implement monitoring and consider blocking based on organizational risk tolerance thresholds.
Analyst Note: This assessment is based on automated intelligence gathering. Correlate with internal telemetry before implementing blocking measures.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration
| Attribute | Value |
|---|---|
| Organization | Carcamo German Rodrigo |
| ASN | AS52465 |
| Network Name | - |
| CIDR Block | - |
| RIR | LACNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
## DNS Intelligence
| Attribute | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene
| Attribute | Value |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
## Network Classification
| Attribute | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown (insufficient routing data to classify) |
## Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Attribute | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate
| Attribute | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness.

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 19% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 10 | 15 |

| Attribute | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Attribution Signals | Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
## Observation Timeline (Live)
| Attribute | Value |
|---|---|
| First Seen | 2026-05-08 11:10:20 UTC |
| Last Seen | 2026-06-25 05:51:39 UTC |
| Profile Built | 2026-06-25 05:57:30 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |