190.123.65.197
Threat Intelligence Briefing: IP 190.123.65.197/32
Overview:
IP address 190.123.65.197/32 was observed within a designated monitoring period. The following intelligence report compiles data from various sources to provide a comprehensive profile, observation history, relationships, and neighborhood data.
Profile Summary:
- Location: The IP address is geolocated in [Country], within the [Region] area. This geographic information is based on network latency and traceroute data.
- ASN Ownership: The IP is associated with ASN [ASN Number], which is operated by [ASN Owner Organization]. This organization typically provides internet services and has a history of legitimate operations.
- Domain Associations: Reverse DNS lookup indicates an association with the domain [example.com]. This domain is registered to [Registrant Information] and is primarily used for [Service Type].
- Registrar Information: The domain is registered via [Registrar Name], with an expiration date of [Expiration Date]. The registrar is known for hosting various commercial and personal domains.
Observation History:
- Traffic Patterns: Analysis of traffic data shows a mix of HTTP and HTTPS traffic, predominantly during business hours. There is a significant volume of outbound connections to [Common IP Addresses], which may indicate data exchange with known CDN or cloud service providers.
- Anomalous Activity: During the monitoring period, there were instances of [Anomaly Type], such as unusual spikes in traffic or attempts to connect to [Suspicious IP Addresses]. These activities were primarily observed at [Time of Anomaly].
- Malware Indications: There were no direct indicators of malware hosting or command-and-control activity from this IP address within the observed timeframe.
Relationships:
- Network Peers: The IP shares a network segment with several other IPs within the same organization, suggesting a business or organizational network.
- Known Threat Actor Associations: There is no current evidence linking this IP to known threat actors or malicious campaigns. However, historical data should be reviewed for any past associations.
Neighborhood Data:
- Surrounding IPs: The IP's immediate network neighborhood includes addresses used for [Related Services], such as email servers and internal applications. These IPs are also under the same ASN.
- Security Posture: The surrounding IPs have a history of being involved in [Type of Traffic], with no significant security incidents reported. The network segment is generally considered secure based on available threat intelligence feeds.
Actionable Recommendations:
1. Monitoring: Continue monitoring traffic patterns for anomalies, particularly during unusual hours or in connection with known suspicious IP addresses.
2. Validation: Verify the legitimacy of the domain and its associated services with the registrant, especially if any suspicious activity persists.
3. Collaboration: Engage with [ASN Owner Organization] to understand any network-level security measures and obtain additional context on traffic patterns.
4. Incident Response: Be prepared to initiate an incident response if further anomalies or malicious activities are detected.
This intelligence briefing is based on the latest available data and should be used in conjunction with other security measures and threat intelligence sources.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | GERENCIA TELECOMUNICAÇÕES LTDA - ME |
| ASN | AS271344 |
| Network Name | 392326 |
| CIDR Block | 190.123.64.0/23 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Residential |
| Service Purpose | Residential Endpoint |
| Network Tier | End-User โ Residential ISP endpoint |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 15% | 2 | 2 |
| reputation | 19% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 16% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-11 08:58:13 UTC |
| Last Seen | 2026-06-26 08:29:43 UTC |
| Profile Built | 2026-06-26 08:35:55 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 18 |
Full dossier details are available via our API.