103.172.239.80
IP Intelligence Briefing: 103.172.239.80
Date: 2026-06-10
---
**1. Risk Profile**
- Risk Score: 80 (High Risk)
- Reputation: High Risk (flagged in 3/8 DNSBLs with high severity)
- Ownership: Registered to IRT-VNNIC-AP (Vietnam) under ASN 149098.
- Geolocation: Vietnam (Ho Chi Minh City, 16.17°N, 107.83°E).
- Network Role: Unassigned/unknown infrastructure type; no open ports or services detected.
---
**2. Threat Indicators**
- DNS Associations: Linked to chamines.com (SPF record present, no DMARC).
- Malicious Activity: No direct malware, phishing, or campaign indicators.
- Blacklist Status: Listed in 3 DNSBLs (high severity), but no active threat persistence.
- BGP/Network: Stable route (103.172.238.0/23), no recent route changes.
---
**3. Observation History**
- Recent Activity (Last 30 Days):
- 3 DNSBL listings (high severity) detected on 2026-06-10.
- No persistent malicious behavior or ownership changes.
- Minimal operator risk score (0.13).
- Historical Trends: No significant spikes in threat signals or network anomalies.
---
**4. Relationships**
- Network: Part of HATANGSO-VN (IRT-VNNIC-AP) subnet.
- DNS: Strong association with chamines.com (4 PTR records).
- No Known Connections: No links to other IPs, organizations, or certificates.
---
**5. Subnet & Neighborhood**
- Subnet: 103.172.239.80/24.
- Abuse Density: 0% (no malicious neighbors detected).
- Neighbor Count: 0 active IPs in subnet (possibly a single-host network).
---
**6. Recommendations**
1. Monitor DNS: Investigate chamines.com for phishing or spoofing attempts.
2. Block DNSBL Listings: Add to firewall rules to mitigate potential spoofing.
3. Geolocation Verification: Confirm if the Vietnam-based IP is authorized for network access.
4. Subnet Analysis: Validate if the /24 subnet is under active attack or abuse.
Conclusion: While flagged in DNSBLs, no direct malicious activity detected. Focus on DNS context and network ownership validation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-VNNIC-AP |
| ASN | AS149098 |
| Network Name | HATANGSO-VN |
| CIDR Block | 103.172.238.0/23 |
| RIR | APNIC |
| Country | VN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | chamines.com |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | chamines.com |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-23 00:17:31 UTC |
| Last Seen | 2026-06-10 03:19:25 UTC |
| Profile Built | 2026-06-10 03:28:30 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 18 |
Full dossier details are available via our API.