103.58.115.155
IP Intelligence Briefing: 103.58.115.155
Date: 2026-06-06
---
**1. Risk Profile**
- Overall Risk Score: 80 (High Risk)
- Provider/Authority Scores: 0/0 (No provider/authority association detected)
- Stability: Unstable (BGP route instability flagged)
- Threat Indicators:
- Listed in 8+ threat feeds (high severity)
- DNSBL listings (4/8 total)
- No open services or TLS certificates detected
---
**2. Network & Ownership**
- ASN: 134032 (IRT-ICENET-IN, India)
- Subnet: 103.58.115.0/24
- Geolocation:
- Country: India (IN)
- Region: Tamil Nadu
- City: Coimbatore
- Accuracy Radius: 1,500 km
- Network Role: Firewalled / No Services (no open ports, no DNS resolution)
---
**3. Threat Observations (Last 30 Days)**
- High-Risk Listings: 14 total (8+ threat feeds, 4 DNSBLs)
- Geolocation Consistency: Confirmed India (maxmind-geolite2)
- BGP Analysis:
- Route stability: Unstable (0 route changes in 30 days)
- ASN: 134032 (ICENET)
- RPKI State: Not validated
---
**4. Network Relationships**
- Same Network: Linked to ICENET (103.58.115.0/24)
- Neighbors (103.58.115.0/24):
- 2 high-risk IPs (80/70 risk scores)
- 4 medium-risk IPs (55โ70 scores)
- Abuse density: 33.3% (moderate risk in subnet)
---
**5. Actionable Insights**
- SOC Recommendations:
- Monitor for lateral movement to high-risk neighbors (e.g., 103.58.115.42, 103.58.115.167).
- Investigate potential BGP hijacking or route instability.
- Check for DNS-based attacks (no DNS resolution detected, but DNSBL listings present).
- Consider blocking the subnet (103.58.115.0/24) due to mixed risk profile.
- Threat Context:
- High-risk IP with no active services may be a static node (server, C2, or decoy).
- Geolocation aligns with India, but no direct campaign or malware associations.
---
Next Steps: Correlate with internal threat intelligence, validate DNSBL listings, and monitor network traffic for anomalous behavior.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-ICENET-IN |
| ASN | AS134032 |
| Network Name | ICENET |
| CIDR Block | 103.58.115.0/24 |
| RIR | APNIC |
| Country | IN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 26% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 20% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-11 21:09:38 UTC |
| Last Seen | 2026-06-26 11:36:49 UTC |
| Profile Built | 2026-06-26 11:47:20 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |
Full dossier details are available via our API.