IP Intelligence Briefing: 103.69.84.230
Date: 2026-06-06
---
**1. Risk Profile**
- Overall Risk: Moderate (40/100)
- Ownership: Registered to Vu Anh Tuan (APNIC) in Vietnam.
- Geolocation: Ho Chi Minh City, Vietnam (latitude 10.822, longitude 106.6257).
- Threat Indicators: No active malware, phishing, or malicious campaigns detected.
---
**2. Network Behavior**
- Subnet: 103.69.84.0/24 (high abuse density: 75%).
- Neighbors:
  - 7 IPs in the subnet, with 6 flagged as risky (scores 40–65).
  - Notable neighbor: 103.69.84.240 (risk score 65).
- Control Plane:
  - DNSSEC valid, but listed in 1 DNSBL (out of 8).
  - BGP route stability: Unstable (route changes in last 30 days).
---
**3. Historical Observations**
- Recent Activity (2026-06-06):
  - Geolocation inferred with 0.52 confidence (600 km accuracy).
  - Operator score: 0.13 (Minimal risk).
- Long-Term Trends:
  - No persistent malicious activity detected (threat observation count: 1).
  - Ownership stable (no changes in 30 days).
---
**4. Relationships & Context**
- Linked Networks: Part of NEWVINA-VN (APNIC).
- Services: No open ports or TLS certificates detected.
- Email Reputation: No SPF/DKIM records found.
---
**5. Actionable Insights**
- Monitor Subnet: The /24 subnet has high abuse density; consider blocking or monitoring traffic to/from 103.69.84.0/24.
- Investigate Neighbors: Focus on 103.69.84.240 (high risk) and other neighbors with elevated scores.
- Verify DNSBL Listing: Confirm if the IP is associated with known abuse sources.
- Geolocation Discrepancy: Inconsistent coordinates (14.06 vs. 10.822) may indicate spoofing or misconfigured data.
---
Recommendation: While the IP itself is not malicious, its subnet's elevated risk and neighboring IPs warrant closer scrutiny. SOC teams should prioritize monitoring lateral movement risks and validate DNSBL context.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Vu Anh Tuan |
| ASN | AS150884 |
| Network Name | - |
| CIDR Block | - |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 21% | 9 | 13 |
| Data Coherence | Mostly Consistent (80%), 1 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-12 21:53:28 UTC |
| Last Seen | 2026-06-06 14:24:58 UTC |
| Profile Built | 2026-06-06 14:26:46 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 16 |