187.84.58.115
IP Intelligence Briefing: 187.84.58.115
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership: Registered to BRASIL TECPAR | AMIGO | AVATO (ASN 262907, RIR: LACNIC).
- Geolocation:
- Country: Brazil (BR)
- City: Santa Maria, Rio Grande do Sul
- Plausibility: Disputed (RTT mismatch for distance).
- Network Role: Firewalled / No Services; no CDN, VPN, or hosting indicators.
---
**2. Threat Indicators**
- DNSBL Listings:
- Listed in 8+ threat feeds (4 entries in June 2026).
- Categories include high-severity threats (exact sources obscured).
- No Active Threats: No known malware campaigns, spam, or attacker associations.
- BGP Stability: Route unstable (30-day stability score: 0.13).
---
**3. Observation History**
- Recent Activity:
- June 17, 2026: 3 DNSBL listings (high severity).
- June 6, 2026: 4 DNSBL listings (high severity).
- June 2, 2026: Clean subnet classification (187.84.58.0/24).
- Trend: No persistent malicious behavior; threat observations are sporadic.
---
**4. Network Relationships**
- Linked Entities:
- Same Network: Repeatedly linked to network 407878 (ASN 262907).
- No External Connections: No subnets, domains, or certificates tied to this IP.
---
**5. Neighborhood Analysis**
- Subnet: 187.84.58.115/24
- Abuse Density: 0% (clean classification).
- Neighbors: No active sibling IPs in the subnet (0 neighbors detected).
---
**6. Recommendations**
- Monitor DNSBL Listings: Investigate the 8+ threat feed associations, though no active exploitation is detected.
- Verify Geolocation: Discrepancy between reported distance (10,856 km) and RTT (140ms) suggests potential spoofing or misconfigured routing.
- BGP Health: Track route stability for ASN 262907; unstable routes may indicate network misconfigurations.
- Network Segmentation: Ensure this IPโs subnet (187.84.58.0/24) is isolated if it hosts critical assets.
Conclusion: While DNSBL listings elevate risk, the IP shows no active malicious behavior. Prioritize investigation into the threat feed sources and geolocation anomalies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | BRASIL TECPAR | AMIGO | AVATO |
| ASN | AS262907 |
| Network Name | 407878 |
| CIDR Block | 187.84.48.0/20 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | 187-84-58-115.avato.com.br |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 187-84-58-115.avato.com.br |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 15% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 20% | 10 | 13 |
| Data Coherence | Mostly Consistent (80%) โ 1 contradiction(s) |
| Attribution | Low (35%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:02 UTC |
| Last Seen | 2026-06-23 01:48:19 UTC |
| Profile Built | 2026-06-23 02:05:09 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 29 |
Full dossier details are available via our API.