177.101.129.149
IP Intelligence Briefing: 177.101.129.149
Date: 2026-06-13
---
**1. Core Profile**
- Risk Rating: Moderate (45/100)
- Ownership:
- ISP: Ampernet Telecomunicações Ltda (ASN 28158)
- Location: Brazil (Paraná, Realeza), geolocated with 2500km accuracy radius.
- Network Role: Residential endpoint (not cloud, CDN, or mobile).
- Threat Indicators: No active malware, spam, or known attacker associations.
---
**2. Historical Observations (Last 30 Days)**
- Signal Stability: Ownership and threat persistence show no changes.
- DNS Behavior:
- Resolves to `149.129.101.177.dynamic.ampernet.com.br`.
- DNSSEC valid, no CAA records.
- Abuse Flags:
- Listed in 3/8 DNSBLs (medium severity), suggesting potential spam or abuse activity.
- No Tor exit node or malicious campaign correlations.
---
**3. Network Relationships**
- Linked Entities:
- Network: 173109 (same subnet).
- Hostname: `149.129.101.177.dynamic.ampernet.com.br` (dynamic DNS).
- No Known Malicious Associations: No ties to malicious organizations or subnets.
---
**4. Subnet Neighborhood**
- Subnet: 177.101.129.149/24.
- Abuse Density: 0% (no malicious neighbors detected).
- Active Siblings: 0 (isolated endpoint).
---
**5. Actionable Insights**
- Monitor DNSBL Listings: Investigate why the IP is listed in 3 DNSBLs; could indicate spam or spoofing.
- Geolocation Anomalies: The inferred geolocation (latitude -14.24, longitude -51.93) is inconsistent with the declared location in Paraná, Brazil. Verify if the IP is being used for geographic spoofing.
- Residential Risk: While residential IPs are common, ensure no unexpected traffic patterns (e.g., botnet C2, DDoS).
---
Conclusion:
The IP is a low-to-moderate risk residential endpoint with no direct malicious indicators. However, its DNSBL listings and geolocation inconsistencies warrant further investigation. SOC teams should monitor for unusual traffic patterns and validate the ISPβs claims about the IPβs usage.
Tools Used: `ipdebrief_profile`, `ipdebrief_history`, `ipdebrief_relationships`, `ipdebrief_neighbors`.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Ampernet Telecomunicações Ltda |
| ASN | AS28158 |
| Network Name | 173109 |
| CIDR Block | 177.101.128.0/20 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | β |
π DNS Intelligence
| PTR | 149.129.101.177.dynamic.ampernet.com.br |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 149.129.101.177.dynamic.ampernet.com.br |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Residential |
| Service Purpose | Residential Endpoint |
| Network Tier | End-User β Residential ISP endpoint |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 25% | 1 | 1 |
| reputation | 0% | 0 | 0 |
| geolocation | 25% | 1 | 1 |
| Overall | 8% | 2 | 2 |
| Data Coherence | Mostly Consistent (80%) β 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-06-06 07:27:00 UTC |
| Last Seen | 2026-06-13 11:17:17 UTC |
| Profile Built | 2026-06-13 11:30:17 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.