IP Intelligence Briefing: 45.238.106.165
Date: 2026-05-30
---
**1. Core Profile**
- Risk Score: 55 (Moderate Risk)
- Ownership: Registered to OLAVE GUTIERREZ, ROLANDO IVAN (ASN 264758).
- Geolocation: Argentina (AR), Rio Negro, Chimpay.
- Network Role: Firewalled / No Services.
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Neighborhood Analysis**
- Subnet: 45.238.106.0/24
- Abuse Density: 48% (mixed risk environment).
- High-Risk Neighbors: 9 IPs (risk scores 55-80).
- Low-Risk Neighbors: 3 IPs (risk scores 0-30).
- Notable: 14 of 29 subnet IPs are flagged as high/medium risk, suggesting potential network compromise or shared infrastructure.
---
**3. Historical Observations**
- Recent Activity:
  - Geolocation inferred via multi-signal inference (confidence: 52%).
  - DNSSEC validation confirmed (operator score: 0.13).
  - No persistent threat activity (threat persistence days: 0).
- Risks: Low confidence in some signals (e.g., RTT anomalies).
---
**4. Relationships**
- Network Links:
  - Directly linked to the 45.238.104.0/22 subnet (same network).
  - No direct ties to known malicious entities or campaigns.
---
**5. Recommended Actions**
1. Monitor Subnet: Investigate high-risk neighbors (e.g., 45.238.106.129, 45.238.106.134) for potential lateral movement.
2. Enhance Visibility: Deploy DNS monitoring to detect abnormal traffic patterns in the 45.238.104.0/22 subnet.
3. Firewall Rules: Block high-risk IPs (e.g., 45.238.106.129, 45.238.106.134) if they are not critical assets.
4. Verify Ownership: Confirm legitimacy of ASN 264758 (OLAVE GUTIERREZ) via ARIN/RDAP.
---
Conclusion: While the IP itself shows no direct malicious activity, its subnet contains a significant number of high-risk IPs. SOC teams should prioritize monitoring and isolating compromised neighbors to mitigate potential lateral threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Field | Value |
|---|---|
| Organization | OLAVE GUTIERREZ, ROLANDO IVAN |
| ASN | AS264758 |
| Network Name | n/a |
| CIDR Block | n/a |
| RIR | ARIN |
| Country | n/a |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| Field | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No (PTR hostname does not resolve back to this IP; weak signal) |
**DNS Hygiene**
| Check | Status |
|---|---|
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
**Network Classification**
| Field | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown (insufficient routing data to classify) |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | n/a |
| 443 | https | tcp | n/a |
| 22 | ssh | tcp | n/a |

Closed ports: 25, 3389, 8080, 8443 (3 open / 7 scanned).

| Field | Value |
|---|---|
| Server | lighttpd/1.4.39 |
| HTTP Title | n/a |
| SSH Version | SSH-2.0-dropbear <4??*???_??k?`?curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group |
**TLS Certificate**
| Field | Value |
|---|---|
| SANs | None |
| Valid From | n/a |
| Valid Until | n/a |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 27% | 2 | 3 |
| Overall | 19% | 9 | 12 |

| Field | Value |
|---|---|
| Data Coherence | Mostly Consistent (80%), 1 contradiction |
| Attribution | Low (35%) |
| Coherence Checks | Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline** (Live)
| Field | Value |
|---|---|
| First Seen | 2026-05-14 13:24:51 UTC |
| Last Seen | 2026-06-07 06:25:52 UTC |
| Profile Built | 2026-06-07 06:38:59 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.