139.28.190.202
IP Intelligence Briefing: 139.28.190.202
Date: June 12, 2026
1. Profile Summary
- Risk Score: 55 (Moderate Risk)
- Ownership: Registered under ASN 200845 (Mnt-Wikiker).
- Geolocation: Spain (Castille-La Mancha), inferred with 500km accuracy.
- Network Role: Firewalled / No Services (no open ports or TLS/HTTP indicators).
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or DNS anomalies).
2. Observation History
- Recent Activity (June 2026):
- Geolocation inferred via multi-signal analysis (latitude 40.46, longitude -3.75).
- Subnet abuse density: 37.29% (mixed classification).
- No persistent threats or ownership changes.
3. Network Relationships
- Linked Entities:
- Belongs to network `ES-AVATELTELECOM-20190103` (repeated 14 times in relationships).
- No direct ties to known malicious organizations or subnets.
4. Neighborhood Analysis
- Subnet: 139.28.190.202/24
- Abuse Density: 8.1% (low overall risk, but 5 high-risk neighbors).
- Key Neighbors:
- 139.28.190.0 (risk score 80), 139.28.190.4 (55), and others with medium-low risk.
- Subnet Classification: Mixed (some IPs flagged for abuse).
5. Recommendations
- Monitor Subnet: Track high-risk neighbors (e.g., 139.28.190.0) for potential lateral movement.
- Verify Ownership: Confirm Mnt-Wikikerβs compliance practices, as the network is associated with a Spanish ISP.
- Enhance Geolocation Validation: Cross-check inferred location with additional probes due to 500km accuracy radius.
- Check for Anomalies: Monitor for unexpected service openings or DNS changes in the 139.28.190.0/22 subnet.
Conclusion:
The IP exhibits moderate risk with no direct malicious indicators. However, its subnet contains a mix of high/medium-low risk IPs, warranting closer scrutiny. No immediate action required, but ongoing monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Mnt-Wikiker |
| ASN | AS200845 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:40 UTC |
| Last Seen | 2026-06-22 14:08:29 UTC |
| Profile Built | 2026-06-22 14:17:23 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 19 |
Full dossier details are available via our API.