IP Intelligence Briefing: 103.165.32.70
Date: 2026-06-07
---
**1. Risk Profile**
- Risk Score: 80 (High Risk)
- Reputation: High Risk
- Ownership: Registered to IRT-IDNIC-ID (apnic) under ASN 17995.
- Geolocation: Jakarta, Indonesia (ID).
- Threat Indicators:
- Listed in 5 DNSBL (DNS-Based Blacklist) entries.
- No direct malware, phishing, or C2 indicators detected.
---
**2. Network & Infrastructure**
- Firewalled Server: No open ports or services detected.
- DNS Configuration:
- PTR hostname: mail.mailserverdo.online (forwarded to 103.165.32.70).
- SPF record present; DMARC and TXT records missing.
- Network Role:
- Classified as firewalled / no services.
- Subnet 103.165.32.0/24 has low abuse density (1/254 IPs flagged).
---
**3. Observation History**
- Risk Stability: No significant changes in threat signals over the past 30 days.
- DNS Activity:
- Forward resolution to mailserverdo.online confirmed.
- No recent DNS anomalies or hijacks.
- BGP/Route Stability:
- Route stability score: 0.26 (Basic).
- No recent route changes or hijacks.
---
**4. Relationships & Neighbors**
- Network Relationships:
- Linked to IANA-BLOCK (reserved IP range).
- No direct connections to known malicious entities.
- Subnet Neighbors:
- 103.165.32.0/24 contains 254 IPs; 0 active neighbors detected.
- Abuse Density: 1/254 IPs flagged (low risk).
---
**5. Recommended Actions**
1. Monitor DNS Activity: Investigate mailserverdo.online for spam/phishing activity due to missing DMARC.
2. Check DNSBL Listings: Verify legitimacy of DNSBL entries (e.g., Spamhaus, Barracuda).
3. Inspect Email Server: Ensure SPF alignment and implement DMARC for email security.
4. Network Segmentation: Isolate firewalled servers to prevent lateral movement.
---
Conclusion:
The IP exhibits high risk due to DNSBL listings but shows no direct malicious activity. Focus on DNS security and email server configurations. No immediate mitigation required, but continuous monitoring is advised.
Source: IPDebrief Threat Intelligence Platform.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-IDNIC-ID |
| ASN | AS17995 |
| Network Name | IANA-BLOCK |
| CIDR Block | 0.0.0.0/0 |
| RIR | APNIC |
| Country | ID |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | mail.mailserverdo.online |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | mail.mailserverdo.online |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 19% | 2 | 2 |
| services | 13% | 1 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-14 13:23:01 UTC |
| Last Seen | 2026-06-18 13:31:07 UTC |
| Profile Built | 2026-06-07 05:06:13 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 27 |
Full dossier details are available via our API.