5.167.66.90

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## INTELLIGENCE BRIEFING: 5.167.66.90/32

Classification: Moderate Risk (Score: 40/100)

Report Date: 2026-06-24

Data Source: IPDebrief Intelligence Platform

---

EXECUTIVE SUMMARY

IP 5.167.66.90 is a residential endpoint hosted by ER-Telecom Holding's Cheboksary branch (ASN 57026) in Russia. The IP exhibits moderate risk characteristics with no active threat indicators currently detected. Neighborhood analysis reveals elevated abuse density in the 5.167.66.0/24 subnet, warranting contextual monitoring.

OWNERSHIP & GEOLOCATION

Organization: Network Operation Center CJSC ER-Telecom Holding Cheboksary branch
ASN: 57026 (ER-Telecom Holding)
Location: Cheboksary, Chuvash Republic, RU
Network Block: 5.167.64.0/22 (BGP prefix: 5.167.64.0/22)
Registration: RIR Ripe
Reverse DNS: 5x167x66x90.dynamic.cheb.ertelecom.ru

NETWORK CLASSIFICATION

Attribute	Value
Network Role	Residential Endpoint
Infrastructure Type	Residential
Tor Exit	No
CDN/Cloud/Hosting	No
Proxy/VPN	No
Bogon	No

THREAT INDICATORS

Current Threat Status: No active indicators
Abuse Confidence: Not available
Blacklist Count: 0 (DNSBL: 1 of 8 lists)
Known Campaigns: None detected
Spam Source: No
Known Attacker: No

NEIGHBORHOOD ANALYSIS

Subnet: 5.167.66.0/24

Total Siblings: 256
Active Siblings: 134
Abuse Density: High
Risk Classification: High Abuse
Inherited Risk: 40

Neighbor Risk Distribution:

High Risk: 0 (0%)
Medium Risk: 61 (61%)
Low Risk: 39 (39%)

Notable neighbors include 5.167.66.3 and 5.167.66.4 (both risk score: 49), indicating concentrated activity within the subnet.

OBSERVATION HISTORY

Total Observations: 49
Recent Trend: Stable/Minimal operator scores (0.0)
Threat Persistence: Not persistently malicious
Ownership Changes: 0
Threat Observation Count: 1

Historical signals show consistent "Minimal" operator scores across multiple observation windows (June 2026 timeframe), indicating no degradation in risk posture.

RELATIONSHIP GRAPH

Total Relationships: 326
Primary Relationship: Same Network (ERTH-CHEB-PPPOE-22-NET)
Related Entities: Network-level associations only

SECURITY ACTIONS & RECOMMENDATIONS

Based on risk profile analysis:

1. Allow: Residential IP with no active threat indicators. Standard residential traffic patterns expected.

2. Monitor: Elevated neighborhood abuse density warrants contextual awareness for related IPs in 5.167.66.0/24.

3. Block: No immediate blocking required; monitor for behavioral changes.

SOC ACTION ITEMS

Priority: LOW-MEDIUM
Recommended Action: Continue standard monitoring. No immediate threat-based blocking advised.
Context: This is a legitimate residential endpoint from a Russian ISP. Risk score of 40/100 falls in moderate range.
Escalation Triggers: Monitor for sudden risk score increases, appearance on threat feeds, or correlation with active campaigns.

---

Report Generated: Automated IP Intelligence Analysis

Status: Complete

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇷🇺 Russia
Region	Chuvash Republic
City	Cheboksary
Timezone	—
Latitude	55.74
Longitude	37.61

🏢 Ownership & Registration

Organization	Network Operation Center CJSC ER-Telecom Holding Cheboksary branch
ASN	AS57026
Network Name	—
CIDR Block	—
RIR	RIPE
Country	—
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR	5x167x66x90.dynamic.cheb.ertelecom.ru
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)
Forward Hostnames	`5x167x66x90.dynamic.cheb.ertelecom.ru`

🔐 DNS Hygiene

Hygiene Score	60% (Good)
SPF	Present
DMARC	Present
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Residential
Service Purpose	Residential Endpoint
Network Tier	End-User — Residential ISP endpoint

Residential

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	25%	2	4
routing	20%	1	1
services	20%	2	3
ownership	20%	2	3
reputation	27%	1	3
geolocation	35%	2	3
Overall	25%	10	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:05:23 UTC
Last Seen	2026-06-26 18:12:13 UTC
Profile Built	2026-06-27 05:55:31 UTC
Data Freshness	Live
Signal Types	22
Total Observations	52

🔍 22 signal types · 52 observations collected

This report is generated from 22+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

5.167.66.90📋 Copy