139.28.190.211
IP Intelligence Briefing: 139.28.190.211
*Generated via IPDebrief Threat Intelligence Platform*
---
**1. Core Profile**
- Risk Score: Moderate (55/100)
- Ownership: Registered to Mnt-Wikiker (ASN 200845) under ARIN.
- Geolocation: Spain (Castille-La Mancha), Fuente el Fresno. Coordinates unconfirmed.
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP activity).
- Threat Indicators: No malicious activity, no blacklist entries, no known campaigns.
---
**2. Observation History**
- Latest Activity:
- Geolocation confirmed via MaxMind (Spain, Fuente el Fresno).
- No recent threat signals or DNS anomalies.
- Trend: Stable over 30 days; no persistent malicious behavior.
---
**3. Network Relationships**
- Linked Entities:
- Subnet: 139.28.188.0/22 (ES-AVATELTELECOM-20190103).
- No direct ties to domains, certificates, or organizations.
- Control Plane:
- BGP prefix: 139.28.188.0/22.
- DNSSEC valid; no CAA records.
- 3 DNSBL listings (out of 8 total).
---
**4. Subnet Analysis**
- Subnet: 139.28.190.211/24
- Abuse Density: 22.4% (13 high-risk neighbors out of 58 total).
- High-Risk Neighbors:
- 139.28.190.0 (55/100), 139.28.190.4 (55/100), 139.28.190.124 (40/100), etc.
- Classification: Mixed (some neighbors flagged for abuse).
---
**5. Recommendations**
- Monitor Subnet: Elevated abuse density suggests potential compromise.
- Block High-Risk Neighbors: Consider isolating IPs with >50 risk scores.
- Verify Network Security: Investigate ES-AVATELTELECOM-20190103 for misconfigurations.
- Geolocation Validation: Confirm coordinates for precise threat mapping.
---
Conclusion: 139.28.190.211 is a low-risk IP with no direct malicious activity, but its subnet contains notable abuse density. SOC teams should prioritize subnet-level monitoring and validate network hygiene practices.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Mnt-Wikiker |
| ASN | AS200845 |
| Network Name | ES-AVATELTELECOM-20190103 |
| CIDR Block | 139.28.188.0/22 |
| RIR | ARIN |
| Country | ES |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 23% | 2 | 2 |
| Overall | 18% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-12 15:46:33 UTC |
| Last Seen | 2026-06-06 12:08:50 UTC |
| Profile Built | 2026-06-06 12:15:40 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 16 |
Full dossier details are available via our API.