IP Intelligence Briefing: 191.37.11.71
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 70 (High Risk)
- Ownership:
  - ASN: 263348
  - ISP: DESEMPENHO PROVEDOR DE INTERNET (Brazil)
  - Subnet: 191.37.8.0/22
- Geolocation:
  - Country: Brazil (BR)
  - Region: Paraná
  - City: Cantagalo
  - Coordinates: Latitude -25.3, Longitude -52.15
- Network Role:
  - Classified as "Firewalled / No Services"
  - No active TLS/HTTP services or banners detected
---
**2. Threat Indicators**
- No direct malicious activity detected:
  - No indicators in threat feeds, DNS, or TLS certificates.
  - Not listed in DNSBLs (4 total lists, but no confirmed abuse).
- Subnet Risk:
  - Subnet 191.37.11.0/24 has 9% abuse density (low overall).
  - 1 high-risk neighbor (191.37.11.46, risk score 80) and 7 medium-risk neighbors.
---
**3. Observation History**
- 13 observations since 2026-06-08:
  - Inferred geolocation in Brazil (confidence 52%).
  - ASN 263348 (DESEMPENHO) linked to 191.37.11.0/24.
  - Subnet abuse density fluctuated between 9-10% over 30 days.
  - No persistent malicious activity or campaign correlations.
---
**4. Relationships**
- Network Affiliation:
  - Linked to network 224795 (same ISP).
- DNS/Email:
  - No SPF/DKIM records or email-related risks.
---
**5. Neighborhood Analysis**
- Subnet: 191.37.11.0/24
- Neighbor Risk Distribution:
  - 1 high-risk (191.37.11.46, score 80)
  - 7 medium-risk (scores 40–60)
  - 2 low-risk (scores 0–20)
- Abuse Density: 10% (slightly above average for this region).
---
**6. Recommendations**
- Monitor Subnet: Focus on 191.37.11.46 due to elevated risk.
- Block High-Risk Neighbors: Consider restricting traffic from high-risk IPs in the subnet.
- Verify ISP Activity: Confirm DESEMPENHO's compliance with network security policies.
- Check for Enumeration: Investigate if the subnet is being probed for vulnerabilities.
---
Conclusion: The IP itself is low-risk, but its subnet contains one high-risk neighbor. SOC teams should prioritize monitoring the subnet and mitigating potential lateral movement risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DESEMPENHO PROVEDOR DE INTERNET |
| ASN | AS263348 |
| Network Name | 224795 |
| CIDR Block | 191.37.8.0/22 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown (insufficient routing data to classify) |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 24% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 13% | 6 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-19 15:38:22 UTC |
| Last Seen | 2026-06-08 20:30:48 UTC |
| Profile Built | 2026-06-08 20:33:57 UTC |
| Data Freshness | Live |
| Signal Types | 14 |
| Total Observations | 15 |