IP Intelligence Briefing: 103.17.105.28
Date: 2026-06-11
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership:
  - ASN: AS45415 (Samir Sawant / VCPLNETWORK)
  - Geolocation: Mumbai, Maharashtra, India (IN)
  - Network: 103.17.104.0/22
- Threat Indicators: No active malicious activity, no known campaigns, and no DNSBL listings.
- Network Role: Firewalled with no open ports or services detected.
---
**2. Observation History**
- Latest Signals (30-Day Window):
  - Confirmed Mumbai, India (geolocation).
  - DNSSEC validation active.
  - Minimal operator risk score (0.13).
  - No persistent malicious behavior or threat persistence.
- Trend: No significant changes in risk or activity over the past 30 days.
---
**3. Relationships**
- Linked Entities:
  - Subnet: 103.17.105.0/24 (VCPLNETWORK).
  - No other hostnames, organizations, or certificates tied to the IP.
---
**4. Neighborhood Analysis**
- Subnet: 103.17.105.28/24.
- Abuse Density: 0% (no malicious activity in the subnet).
- Neighbors: No active or reported sibling IPs in the subnet.
---
**5. Recommended Actions**
- Firewall Rules:
  - iptables: `iptables -A INPUT -s 103.17.105.28 -j DROP`
  - nftables: `nft add rule inet filter input ip saddr 103.17.105.28 drop`
  - Cloudflare WAF: Block IP with description "IPDebrief risk score 50".
- Context: Monitor for unexpected traffic given the moderate risk score and lack of recent threats.
---
Conclusion:
The IP is associated with a private network in Mumbai, India, with no active threats or malicious indicators. While the risk score is moderate, the absence of abuse in the subnet and no open services suggest it is likely a legitimate, firewalled endpoint. SOC teams should continue monitoring for anomalies, especially if the IP is used for outbound traffic or if new threats emerge in the subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Samir Sawant |
| ASN | AS45415 |
| Network Name | VCPLNETWORK |
| CIDR Block | 103.17.104.0/22 |
| RIR | APNIC |
| Country | IN |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-26 06:49:39 UTC |
| Last Seen | 2026-06-11 03:05:01 UTC |
| Profile Built | 2026-06-11 03:27:29 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 16 |