IP Intelligence Briefing: 189.201.197.34
Date: 2026-06-06
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership: Registered to Global Web Master Ltda - EPP (AS263253) in Brazil (SP, Mauá).
- Geolocation: Brazil (SP, Mauá), with a 2500km accuracy radius.
- Network Role: Firewalled / No Services (no open ports, TLS, or HTTP detected).
- Threat Indicators: No direct malicious activity observed (no indicators, spam, or campaigns).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
  - Listed in 3/8 DNSBLs (high severity) as of 2026-06-06.
  - Geolocation confirmed as Brazil (SP, Mauá) with minimal RTT variance.
  - Operator score: 0.1304 (Minimal trustworthiness).
  - No persistent malicious behavior or ownership changes.
---
**3. Relationships**
- Network Connections:
  - Linked to AS263253 (Global Web Master Ltda - EPP) and subnet 229610.
  - No direct ties to known malicious organizations, campaigns, or certificates.
---
**4. Neighborhood Analysis**
- Subnet: 189.201.196.0/22.
- Neighbor Risk:
  - 189.201.197.8 (risk score: 55, moderate risk).
- Abuse Density: 0% (no high-risk neighbors).
---
**5. Recommendations**
- Monitor: Track DNSBL listings and subnet activity for potential lateral movement.
- Block: Consider blocking the IP due to high risk score and DNSBL associations.
- Investigate: Verify ownership legitimacy and check for hidden services (e.g., C2, mining).
- Neighbors: Monitor 189.201.197.8 for correlation with observed threats.
---
Conclusion:
This IP exhibits high risk due to DNSBL listings and network associations, but no direct malicious activity is observed. SOC teams should prioritize blocking and monitoring, especially given the subnet's potential for abuse.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Global Web Master Ltda - EPP |
| ASN | AS263253 |
| Network Name | 229610 |
| CIDR Block | 189.201.196.0/22 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 1 | 1 |
| routing | 25% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 20% | 1 | 1 |
| geolocation | 39% | 2 | 3 |
| Overall | 23% | 8 | 9 |
| Data Coherence | Mostly Consistent (80%) - 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-12 21:54:37 UTC |
| Last Seen | 2026-06-12 09:21:19 UTC |
| Profile Built | 2026-06-06 15:18:15 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 16 |