191.53.12.117
IP Intelligence Briefing: 191.53.12.117
Date: 2026-06-06
---
**Risk Profile**
- Overall Risk: Moderate (Risk Score: 55)
- Ownership: Registered to MASTER S/A (ASN: 28202, LACNIC)
- Geolocation: Brazil (SP, Lorena), with geolocation plausibility flagged as false.
- Threat Indicators: No direct malicious activity detected (no blacklists, campaigns, or known attacker associations).
---
**Network & Subnet Analysis**
- Subnet: 191.53.12.0/24
- Abuse Density: 33.3% (4 high-risk, 7 medium-risk, 1 low-risk neighbors).
- Key Neighbors:
- 191.53.12.48, 191.53.12.102, 191.53.12.107, 191.53.12.230 (Risk Score: 80).
- 191.53.12.119 (Risk Score: 30).
- Subnet Classification: Mixed (combination of legitimate and potentially malicious activity).
---
**Threat Observations**
- Recent Activity (June 6, 2026):
- Associated with Brazilian ISP (MASTER S/A) and flagged for potential threats (confidence: 75%).
- No confirmed malware campaigns or phishing indicators.
- Historical Trends: Single observation with no persistent malicious behavior.
---
**DNS & Hosting**
- PTR Record: `191-53-12-117.lna-wr.soumaster.com.br` (suspicious, no public WHOIS data).
- Domain Analysis:
- soumaster.com.br appears to be a private domain with no public DNSSEC validation.
- No SPF/DKIM records detected.
---
**Recommendations**
1. Monitor Subnet: High-risk neighbors (e.g., 191.53.12.48, 191.53.12.102) may indicate coordinated activity.
2. Investigate DNS: Verify ownership of `soumaster.com.br` and check for associated malicious activity.
3. Block High-Risk Neighbors: Consider firewall rules to restrict traffic from high-risk IPs in the 191.53.12.0/24 subnet.
4. Validate Ownership: Confirm MASTER S/Aโs legitimacy and review their network for abuse patterns.
Note: This IP appears to be part of a mixed-use subnet with potential for lateral movement or network compromise. Further analysis of neighboring IPs is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | MASTER S/A |
| ASN | AS28202 |
| Network Name | 227148 |
| CIDR Block | 191.53.0.0/16 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | 191-53-12-117.lna-wr.soumaster.com.br |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 191-53-12-117.lna-wr.soumaster.com.br |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 17% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-12 03:43:19 UTC |
| Last Seen | 2026-06-26 14:59:43 UTC |
| Profile Built | 2026-06-26 15:19:35 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 20 |
Full dossier details are available via our API.