188.90.104.164
# INTELLIGENCE BRIEFING: 188.90.104.164
Classification: Low Risk | Risk Score: 25 | Analysis Date: 2026-06-05
---
## EXECUTIVE SUMMARY
IP address 188.90.104.164 was analyzed as a residential fiber-to-the-home (FTTH) connection associated with Dutch ISP Odido (Access & transport, ASN 50266). The address exhibits low-risk characteristics with a score of 25/100, though historical signals indicate prior threat activity. No active services or open ports were detected during observation.
---
## NETWORK OWNERSHIP AND GEOLOCATION
The IP address is registered to Odido Netherlands B.V. (ASN 50266), a RIPE RIR-registered organization operating from the Netherlands. Geolocation data placed the address in Koudekerke, Zeeland region, NL, with coordinates 52.13°N, 5.29°E and 150km accuracy radius. Multiple geo-validation sources corroborated the Netherlands attribution. The address resolved via reverse DNS to 164-104-90-188.ftth.glasoperator.nl, confirming residential broadband assignment.
---
## NETWORK ROLE AND CLASSIFICATION
Analysis indicated the address was firewalled with no active services exposed. The address is not classified as cloud, CDN, VPN, proxy, Tor exit node, hosting infrastructure, mobile carrier, or anycast. The BGP prefix 188.90.0.0/16 originated from ASN 50266 with route stability marked as false. DNSSEC validation was confirmed as valid.
---
## THREAT INTELLIGENCE
Current threat assessment shows no active indicators of compromise. The IP is not flagged as a known attacker, spam source, or Tor exit node. Blacklist enumeration returned zero current listings. However, historical signal observations from 2026-06-05 showed elevated threat indicators including `has_threats: true` with a pulse count of 2 across multiple threat feeds. The address carried one DNSBL listing among eight total lists scanned.
---
## DNS AND EMAIL REPUTATION
Forward DNS resolution confirmed with one PTR hostname. Email authentication configuration included SPF records but lacked DMARC implementation. TXT record count was zero. No hosted domains or email authentication failures were observed.
---
## NEIGHBORHOOD ANALYSIS
The /24 subnet (188.90.104.164/24) showed abuse density of 1 with classification marked "mostly_clean." One threat-sibling IP was identified within the subnet, while the remaining sibling addresses showed zero active threats. The subnet risk distribution showed high, medium, and low categories all at zero active threats during this observation window.
---
## OBSERVATION HISTORY
Eighteen total signal observations were recorded as of 2026-06-05. Recent observations consistently attributed the address to Odido Netherlands B.V. and confirmed NL geolocation. Multiple signal sources (AlienVault OTX, Cymru, multiple inference engines) provided corroborating data. Operator score remained at 0.2609 (Basic classification).
---
## RECOMMENDED ACTIONS
Based on the low-risk profile (score 25) and residential broadband classification:
1. Allow with monitoring โ Traffic from this address may be permitted through existing firewalls with logging enabled
2. No blocking required โ Current threat indicators do not warrant blocking at perimeter
3. Monitor historical threat signals โ Review the two prior threat pulses for correlation with any incidents
4. Email policy consideration โ Address lacks DMARC; evaluate whether to block or allow based on email reputation requirements
---
Analyst Notes: This address represents a residential consumer connection. The low risk score and absence of active services suggest benign end-user traffic. The historical threat signals warrant awareness but do not indicate current malicious activity.
End of Briefing
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Access & transport |
| ASN | AS50266 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | RIPE |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 164-104-90-188.ftth.glasoperator.nl |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 164-104-90-188.ftth.glasoperator.nl |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-09 11:33:46 UTC |
| Last Seen | 2026-06-25 15:44:34 UTC |
| Profile Built | 2026-06-25 15:51:01 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 21 |
Full dossier details are available via our API.