190.89.137.229
IP Intelligence Briefing: 190.89.137.229
Date: 2026-06-09
---
**Risk Assessment**
- Risk Score: 80/100 (High Risk)
- Threat Indicators: No direct malicious activity detected, but listed in 3 DNSBLs (out of 8 tracked).
- Network Stability: Unstable routing (route changes in last 30 days).
- Residential Classification: Identified as residential infrastructure.
---
**Ownership & Geolocation**
- Registrar: T. R. TELECOMUNICACOES LTDA (AS270368, Brazil).
- Location: Votuporanga, São Paulo, Brazil (Latitude: -20.48, Longitude: -50.01).
- Subnet: 190.89.137.0/24 (abuse density: 20% high-risk neighbors).
---
**Threat History**
- Recent Activity:
- Listed in 3 DNSBLs (e.g., Spamhaus, OpenDNS) with "high" severity.
- No persistent malicious behavior detected (0 threat persistence days).
- Trend: No significant changes in risk signals over time.
---
**Network Relationships**
- Shared Subnet: 190.89.137.0/24 (100 IPs, 20% high-risk).
- Linked Entities:
- Same ASN (AS270368) and network prefix (378879).
- No CDN, cloud, or mobile carrier associations.
---
**Neighbor Analysis**
- Subnet Risk Distribution:
- 20 IPs: High risk (55+ score).
- 73 IPs: Medium risk (30โ55).
- 5 IPs: Low risk.
- Notable Neighbors:
- 190.89.137.1โ4: Moderate risk (55 score).
- 190.89.137.5: Unlisted (potential unknown risk).
---
**Recommended Actions**
1. Monitor Subnet: Track high-risk neighbors (e.g., 190.89.137.1โ4) for lateral movement.
2. Verify DNSBL Listings: Confirm legitimacy of DNSBL entries (e.g., Spamhaus, OpenDNS).
3. Check Routing Stability: Investigate route changes for potential network compromise.
4. Blocklisted IPs: Consider blocking DNSBL-listed IPs in firewall rules.
---
Source: IPDebrief Threat Intelligence Platform
Note: This IP is classified as residential but shows signs of potential abuse. Continuous monitoring is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | T. R. TELECOMUNICACOES LTDA |
| ASN | AS270368 |
| Network Name | 378879 |
| CIDR Block | 190.89.136.0/23 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Residential |
| Service Purpose | Residential Endpoint |
| Network Tier | End-User โ Residential ISP endpoint |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 24% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Aging
| First Seen | 2026-05-19 23:49:26 UTC |
| Last Seen | 2026-06-26 18:10:58 UTC |
| Profile Built | 2026-06-22 01:56:41 UTC |
| Data Freshness | Aging |
| Signal Types | 13 |
| Total Observations | 13 |
Full dossier details are available via our API.