## INTELLIGENCE BRIEFING: IP 176.103.3.214/32
Classification: Moderate Risk | Data Source: IPDebrief | Analysis Date: Current
---
EXECUTIVE SUMMARY
IP 176.103.3.214 is a moderately risky address associated with ASN 56812 (DIALOGKOM-MNT) in Ukraine. The IP shows no active malicious indicators but is listed on 2 DNSBLs and resides in a subnet with measurable abuse density. Recommended action: Monitor with standard firewall logging; no immediate blocking required.
---
PROFILE SUMMARY
| Attribute | Value |
|---|---|
| **Risk Score** | 40/100 (Moderate) |
| **Operator Score** | 0.1304 (Minimal) |
| **Country** | Ukraine (UA) |
| **City** | Balakliya, Kharkivs'ka Oblast' |
| **ASN** | 56812 (DIALOGKOM-MNT) |
| **BGP Prefix** | 176.103.0.0/20 |
| **Network Role** | Firewalled / No Services |
| **Threat Indicators** | None Active |
| **DNSBL Listings** | 2/8 lists |
---
THREAT INDICATORS
- Known Attacker: False
- Tor Exit Node: False
- Spam Source: False
- Campaign Matches: None
- Certificate Matches: 0
- Blacklist Count: 0 (direct listings)
- DNSBL Count: 2 (indirect listings)
---
NETWORK BEHAVIOR
- Open Ports: None detected
- TLS Certificates: None
- HTTP Services: None
- DNS Resolution: None (forward confirmed: false)
- PTR Records: None
- Service Status: Firewalled/No services running
---
SUBNET CONTEXT (/24: 176.103.3.0/24)
| Metric | Value |
|---|---|
| Total Siblings | 41 IPs |
| Active Siblings | 15 IPs |
| Threat Siblings | 4 IPs |
| Abuse Density | 0.0976 (9.76%) |
| Classification | Mostly Clean |
High-Risk Neighbors Identified:
- 176.103.3.3 (Risk: 80)
- 176.103.3.31 (Risk: 70)
---
OBSERVATION HISTORY
- Total Observations: 17 signals
- Most Recent: 2026-06-26
- Threat Persistence: 0 days
- Campaign Correlation: None
- Geolocation Consistency: Ukraine (consistent across observations)
Historical Trend: Stable risk profile with no escalation. No new threat signals introduced since last observation.
---
RELATIONSHIP ANALYSIS
All 14 detected relationships map to DIALOG-NET network infrastructure. No external organizational links or certificate associations detected.
---
RECOMMENDED ACTIONS
Firewall Rules:
```
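# Monitor with logging (risk score 40)
# Assumes the INPUT chain and a source match on the briefed IP; adjust to your ruleset
iptables -A INPUT -s 176.103.3.214/32 -p tcp -m multiport --dports 80,443 -j LOG --log-prefix "176.103.3.214-TRAFFIC: "
# Block if services appear
iptables -A INPUT -s 176.103.3.214/32 -p tcp -m multiport --dports 22,23,8080 -m state --state NEW -j DROP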
```
SOC Guidance:
1. Current Status: No immediate threat action required
2. Monitoring: Enable traffic logging for 30 days
3. Escalation Threshold: Block if risk score exceeds 60 or new threat indicators emerge
4. Neighbor Watch: Monitor 176.103.3.3 and 176.103.3.31 for coordinated activity
5. Geolocation Awareness: Traffic originates from Ukraine; consider geographic filtering policies as applicable
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | DIALOGKOM-MNT |
| ASN | AS56812 |
| Network Name | - |
| CIDR Block | - |
| RIR | RIPE |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 31% | 1 | 3 |
| geolocation | 25% | 2 | 2 |
| Overall | 24% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-10 16:14:06 UTC |
| Last Seen | 2026-06-26 02:20:36 UTC |
| Profile Built | 2026-06-26 08:22:36 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 19 |