IP Intelligence Briefing: 201.55.140.172
Date: 2026-06-13
---
**1. Core Profile**
- Risk Score: 55 (Moderate Risk)
- Geolocation: Brazil (Paraná, Maringá), 2500km accuracy radius.
- Ownership: No registered ASN, organization, or RIR data.
- Threat Indicators: No known malicious activity, no spam, no Tor/VPN/CDN flags.
- Network Role: Firewalled / No Services (openPorts: empty).
- DNS:
  - PTR hostname: `201-55-140-172.witelecom.com.br`
  - No SPF/DMARC records, no email auth.
- Control Plane:
  - BGP prefix: `201.55.136.0/21` (AS28620), route stability: unstable.
  - DNSSEC valid, 3 DNSBL listings (moderate risk).
---
**2. Observation History**
- 13 total observations over 30 days:
  - DNSSEC validation and CAA records detected.
  - 3 DNSBL listings (high-severity risk).
  - Geolocation confidence: 35% (inferred from Cymru).
  - No persistent threats or campaign correlations.
---
**3. Relationships**
- DNS Association: Linked to `201-55-140-172.witelecom.com.br`.
- No other connections to subnets, organizations, or certificates.
---
**4. Subnet Neighborhood**
- Subnet: `201.55.140.172/24`
- Abuse Density: 25% (1 threat sibling, 2 low-risk neighbors).
- Key Neighbors:
  - `201.55.140.18` (Risk: 40)
  - `201.55.140.186` (Risk: 25)
  - `201.55.140.207` (Risk: 20)
---
**5. Threat Assessment**
- No direct malicious activity observed.
- DNSBL listings suggest potential abuse (3/8 lists).
- Unregistered ownership raises red flags for misconfigured or compromised infrastructure.
- Subnet abuse density indicates possible shared responsibility for security.
---
**6. Recommended Actions**
1. Block DNSBL-listed IPs in the subnet (e.g., `201.55.140.18`).
2. Investigate DNS configuration for `witelecom.com.br` to ensure validity.
3. Monitor geolocation anomalies (e.g., 2500km accuracy radius).
4. Validate ownership via RIR/ASNs (AS28620 may require further analysis).
5. Enhance subnet monitoring due to 25% abuse density.
---
Conclusion: Moderate risk due to DNSBL associations and unregistered ownership. Focus on DNS security and subnet-level monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | WI - Provedor de Telecomunicações Ltda. |
| ASN | AS28620 |
| Network Name | 70899 |
| CIDR Block | 201.55.128.0/19 |
| RIR | LACNIC |
| Country | BR |
| Abuse Contact | - |
DNS Intelligence
| PTR | 201-55-140-172.witelecom.com.br |
| Forward Confirmed | Yes (FCrDNS verified) |
| Forward Hostnames | 201-55-140-172.witelecom.com.br |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Residential |
| Service Purpose | Residential Endpoint |
| Network Tier | End-User - Residential ISP endpoint |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 2 |
| routing | 25% | 1 | 1 |
| services | 25% | 1 | 1 |
| ownership | 0% | 0 | 0 |
| reputation | 17% | 1 | 1 |
| geolocation | 25% | 1 | 1 |
| Overall | 20% | 6 | 6 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline
| First Seen | 2026-06-06 07:27:24 UTC |
| Last Seen | 2026-06-13 11:54:28 UTC |
| Profile Built | 2026-06-13 12:01:07 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |