45.177.210.193

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 45.177.210.193

Date: 2026-06-18

---

1. Core Profile

Risk Score: 80 (High Risk)
Ownership: Registered to Fronteira Internet (ASN 268999) in Brazil (BR).
Geolocation: Located in Santana do Livramento, RS, Brazil (geoplausibility: false).
Network Role: Web server with active HTTP (80/443), SSH (22), and DNS services.
Threat Indicators: No known malicious campaigns, spam, or blacklist entries.

---

2. Observations & Activity

Recent Signals (Last 30 Days):

- Minimal operator score (0.13) with no significant routing anomalies.

- DNSSEC validated, but no CAA records or HTTP security headers (HSTS, CSP).

- HTTP server banner: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12.

- TLS certificate: Self-signed, local issuer (CN=localhost).

History Trends: No observed changes in risk or threat signals.

---

3. Relationships & Network Context

Linked Entities:

- Subnet: 45.177.210.0/24 (registered to Fronteira Internet).

- No correlated malicious IPs or campaigns detected.

Neighborhood:

- Subnet abuse density: 0% (clean).

- No neighboring IPs identified (likely isolated or private).

---

4. Threat & Mitigation Analysis

Risk Factors:

- High risk score despite no direct malicious indicators.

- Self-signed TLS certificate and lack of HTTP security headers (HSTS, CSP) suggest potential misconfiguration.

Recommendations:

- Monitor for unexpected traffic or service changes.

- Validate TLS certificate validity and implement HTTP security headers.

- Verify DNSSEC and CAA records for domain integrity.

- No firewall rules recommended due to no explicit threats.

---

Conclusion:

The IP is a high-risk web server in Brazil with no direct malicious activity detected. However, its self-signed certificate and lack of HTTP security headers warrant further investigation. SOC teams should focus on ensuring proper server configuration and monitoring for anomalies.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇧🇷 Brazil
Region	RS
City	Santana do Livramento
Timezone	—
Latitude	-30.89
Longitude	-55.53

🏢 Ownership & Registration

Organization	Fronteira Internet
ASN	AS268999
Network Name	360077
CIDR Block	45.177.208.0/22
RIR	ARIN
Country	BR
Abuse Contact	—

🌐 DNS Intelligence

PTR	193.210.177.45.fronteirainternet.com.br
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`193.210.177.45.fronteirainternet.com.br`

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Web Server
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
80	http	tcp	—
443	https	tcp	—
22	ssh	tcp	SSH-2.0-OpenSSH_for_Windows_9.5
Closed Ports	25, 3389, 8080, 8443 (3 open / 7 scanned)

Server	Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
HTTP Title	—
SSH Version	SSH-2.0-OpenSSH_for_Windows_9.5

🔐 TLS Certificate

An expired certificate for CN=localhost was found on this IP. This may indicate a previously hosted website, a decommissioned service, or stale infrastructure.

⚠️

CN=localhost

Issued by CN=localhost

Self-signed: Yes

SANs	None
Valid From	2009-11-10T23:48:47+00:00
Valid Until	2019-11-08T23:48:47+00:00 (expired)
TLS Protocol	Tls13
Cipher Suite	TLS_AES_256_GCM_SHA384
Signature Algorithm	sha1RSA
Validity Period	3650 days
Serial Number	00B5C752C98781B503
Thumbprint	B0238C547A905BFA119C4E8BACCAEACF36491FF6

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	34%	2	3
routing	32%	2	3
services	28%	2	3
ownership	33%	3	3
reputation	17%	1	2
geolocation	21%	2	2
Overall	27%	12	16

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:04:21 UTC
Last Seen	2026-06-26 18:11:20 UTC
Profile Built	2026-06-24 12:40:46 UTC
Data Freshness	Live
Signal Types	23
Total Observations	25

🔍 23 signal types · 25 observations collected

This report is generated from 23+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

45.177.210.193📋 Copy

**1. Core Profile**

**2. Observations & Activity**

**3. Relationships & Network Context**

**4. Threat & Mitigation Analysis**