191.53.40.8
IP Intelligence Briefing: 191.53.40.8/32
*Last Updated: 2026-06-11*
---
**1. Core Profile**
- Risk Score: Moderate (55/100)
- Ownership:
- ASN: 28202 (MASTER S/A, LACNIC)
- Geolocation: Initially reported as Miami, US, but historical data shows Brazil (Lavras, Minas Gerais).
- Threat Indicators: No active malicious activity, spam, or known attacker associations.
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services).
- DNS:
- PTR hostname: `191-53-40-8.ssp-wr.soumaster.com.br`
- DNSBL listings: 3/8 lists (low-severity).
- No SPF/DMArc records.
---
**2. Observation History**
- Geolocation Conflicts:
- Recent observation (2026-06-11) shows Brazil (Lavras, Minas Gerais) vs. earlier Miami, US.
- Network Stability:
- BGP route stability: Unstable (route changes in 30d).
- ISP: Comcast (traceroute).
- Threat Signals:
- No recent scans, honeypot hits, or WAF violations.
---
**3. Network Relationships**
- Shared Subnet: 191.53.40.0/24 (ASN 28202).
- DNS Associations:
- Repeated PTR records to `ssp-wr.soumaster.com.br` (Brazilian domain).
- Neighbor Risk:
- Subnet abuse density: 25% (moderate).
- High-risk neighbor: 191.53.40.63 (score 80).
---
**4. Key Findings & Recommendations**
- Geolocation Discrepancy: Investigate conflicting geolocation data (Miami vs. Brazil). Potential spoofing or misconfigured DNS.
- DNS Anomalies: Monitor `ssp-wr.soumaster.com.br` for malicious activity. No email authentication (SPF/DMArc).
- Subnet Risk: High-risk neighbor (191.53.40.63) warrants closer scrutiny.
- Action Required:
- Block 191.53.40.63 via firewall (e.g., `iptables -A INPUT -s 191.53.40.63/32 -j DROP`).
- Validate DNS configuration and geolocation consistency.
---
Threat Level: Low to Moderate. No immediate action required, but monitor for geolocation shifts or subnet-wide threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | MASTER S/A |
| ASN | AS28202 |
| Network Name | 227148 |
| CIDR Block | 191.53.0.0/16 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | 191-53-40-8.ssp-wr.soumaster.com.br |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 191-53-40-8.ssp-wr.soumaster.com.br |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 12% | 6 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-25 18:47:36 UTC |
| Last Seen | 2026-06-11 00:00:10 UTC |
| Profile Built | 2026-06-11 00:07:36 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 19 |
Full dossier details are available via our API.