191.53.128.255
IP Intelligence Briefing: 191.53.128.255/32
Threat Level: High Risk (Risk Score: 80)
---
**Key Findings**
1. Ownership & Geolocation
- Owned by MASTER S/A (ASN 28202), registered with LACNIC.
- Geolocated to Montes Claros, Minas Gerais, Brazil (geoplus: false, suggesting potential spoofing or inconsistency).
2. Network Role
- Classified as firewalled / no services; no open ports or TLS services detected.
- Subnet 191.53.128.0/24 has moderate abuse density (0.25), with 5 high-risk neighbors and 16 mixed-risk IPs.
3. Threat Indicators
- Listed in 3/8 threat feeds (specific lists obscured).
- Observed in 18 historical signals, including DNS resolution and geolocation.
4. Relationships
- Linked to 191-53-128-255.pso-wr.mastercabo.com.br (PTR hostname).
- Same network (227148) and DNS associations dominate relationships.
5. Neighbor Analysis
- High-risk neighbor 191.53.128.253 (score 80), alongside low-risk IPs (e.g., 191.53.128.227, 191.53.128.231).
- Subnet shows mixed activity, with 5 high-risk IPs and 15 low/medium risk.
---
**Actionable Insights**
- Monitor & Block: High-risk score and threat feed listings suggest potential malicious activity. Consider blocking this IP in firewall rules.
- Investigate Neighbors: The subnet contains 5 high-risk IPs (e.g., 191.53.128.253). Prioritize investigation of these for potential lateral movement or network compromise.
- DNS & Ownership: Verify the legitimacy of the PTR hostname (mastercabo.com.br) and review MASTER S/Aโs network for suspicious patterns.
- Geolocation Discrepancy: The geoplus false flag may indicate spoofing or misconfigured DNS. Validate with additional sources.
---
**Recommendations**
- Use ipdebrief_actions to generate firewall rules for blocking this IP.
- Cross-reference with ipdebrief_compare to analyze high-risk neighbors (e.g., 191.53.128.253) for correlation.
- Continuously monitor historical signals via ipdebrief_history for trend analysis.
SOC Analyst Note: This IP requires immediate scrutiny due to its high risk score and association with threat feeds. Prioritize isolating the subnet and validating DNS sources.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | MASTER S/A |
| ASN | AS28202 |
| Network Name | 227148 |
| CIDR Block | 191.53.0.0/16 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | 191-53-128-255.pso-wr.mastercabo.com.br |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 191-53-128-255.pso-wr.mastercabo.com.br |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 13% | 1 | 2 |
| geolocation | 27% | 2 | 3 |
| Overall | 18% | 10 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-11 15:04:43 UTC |
| Last Seen | 2026-06-26 10:31:57 UTC |
| Profile Built | 2026-06-26 10:43:25 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 21 |
Full dossier details are available via our API.