80.90.183.221
IP Intelligence Briefing: 80.90.183.221
Date: 2026-06-10
---
**Key Risk Indicators**
- Risk Score: 70/100 (High Risk)
- Threat Observations:
- Listed on 4/8 DNSBLs (high severity)
- No active malware indicators or campaigns
- No known attacker associations
---
**Ownership & Geolocation**
- AS: AS9123 (Abuse-C Role, TW-VDS)
- Location: Kazakhstan (Almaty), Latitude 43.25, Longitude 76.91
- Network Role: Firewalled / No Services (no open ports or TLS certificates)
---
**Threat History**
- DNSBL Listings: Observed on 4/8 blacklists (last 30 days)
- Abuse Density: 0% (clean subnet)
- Stability: Route unstable (BGP changes detected)
---
**Network Relationships**
- Subnet: 80.90.183.0/24
- Neighbors: 0 active IPs in subnet (no abuse density)
- Shared Network: TW-VDS (AS9123)
---
**Recommended Actions**
1. Block IP: Implement firewall rules to deny traffic from 80.90.183.221
- iptables: `iptables -A INPUT -s 80.90.183.221 -j DROP`
- Cloudflare/WAF: Block via IP rule
2. Monitor DNSBL: Track DNSBL activity for potential network compromise
3. Verify Ownership: Confirm AS9123 (TW-VDS) legitimacy via RDAP
---
**Summary**
The IP exhibits a high risk score due to historical DNSBL listings and unstable routing, though no current malicious activity is detected. While the subnet appears clean, the IPโs association with Abuse-C role and route instability warrants close monitoring. Immediate blocking is advised to mitigate potential threats.
Source: IPDebrief Threat Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Abuse-C Role |
| ASN | AS9123 |
| Network Name | TW-VDS |
| CIDR Block | 80.90.182.0/23 |
| RIR | RIPE |
| Country | KZ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| 8443 | https-alt | tcp | โ |
| Closed Ports | 25, 3389, 8080 (4 open / 7 scanned) | ||
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.16 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-25 12:43:09 UTC |
| Last Seen | 2026-06-10 23:01:11 UTC |
| Profile Built | 2026-06-10 23:08:31 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |
Full dossier details are available via our API.