IPDebrief

176.103.3.214

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON πŸ”§ Full Actions API
πŸ€– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

## INTELLIGENCE BRIEFING: IP 176.103.3.214/32

Classification: Moderate Risk | Data Source: IPDebrief | Analysis Date: Current

---

EXECUTIVE SUMMARY

IP 176.103.3.214 is a moderately risky address associated with ASN 56812 (DIALOGKOM-MNT) in Ukraine. The IP shows no active malicious indicators but is listed on 2 DNSBLs and resides in a subnet with measurable abuse density. Recommended action: Monitor with standard firewall logging; no immediate blocking required.

---

PROFILE SUMMARY

AttributeValue
**Risk Score**40/100 (Moderate)
**Operator Score**0.1304 (Minimal)
**Country**Ukraine (UA)
**City**Balakliya, Kharkivs'ka Oblast'
**ASN**56812 (DIALOGKOM-MNT)
**BGP Prefix**176.103.0.0/20
**Network Role**Firewalled / No Services
**Threat Indicators**None Active
**DNSBL Listings**2/8 lists

---

THREAT INDICATORS

---

NETWORK BEHAVIOR

---

SUBNET CONTEXT (/24: 176.103.3.0/24)

MetricValue
Total Siblings41 IPs
Active Siblings15 IPs
Threat Siblings4 IPs
Abuse Density0.0976 (9.76%)
ClassificationMostly Clean

High-Risk Neighbors Identified:

---

OBSERVATION HISTORY

Historical Trend: Stable risk profile with no escalation. No new threat signals introduced since last observation.

---

RELATIONSHIP ANALYSIS

All 14 detected relationships map to DIALOG-NET network infrastructure. No external organizational links or certificate associations detected.

---

RECOMMENDED ACTIONS

Firewall Rules:

```

# Monitor with logging (risk score 40)

-ACT-LOG -p tcp --dport 80,443 -j LOG --log-prefix "176.103.3.214-TRAFFIC: "

# Block if services appear

-ACT-LOG -p tcp --dport 22,23,8080 -j DROP -m state --state NEW

```

SOC Guidance:

1. Current Status: No immediate threat action required

2. Monitoring: Enable traffic logging for 30 days

3. Escalation Threshold: Block if risk score exceeds 60 or new threat indicators emerge

4. Neighbor Watch: Monitor 176.103.3.3 and 176.103.3.31 for coordinated activity

5. Geolocation Awareness: Traffic originates from Ukraine; consider geographic filtering policies as applicable

---

END OF BRIEFING

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

CountryπŸ‡ΊπŸ‡¦ Ukraine
RegionKharkivs’ka Oblast’
CityBalakliya
TimezoneEurope/Kyiv
Latitude49.46
Longitude36.87

🏒 Ownership & Registration

OrganizationDIALOGKOM-MNT
ASNAS56812
Network Nameβ€”
CIDR Blockβ€”
RIRRIPE
Countryβ€”
Abuse ContactAvailable via RDAP

🌐 DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo β€” PTR hostname does not resolve back to this IP (weak signal)

πŸ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

☁️ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierUnknown β€” Insufficient routing data to classify
No specific classification

πŸ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverβ€”
HTTP Titleβ€”

πŸ” TLS Certificate

πŸ”’
No certificate
Issued by β€”
N/A
SANsNone
Valid Fromβ€”
Valid Untilβ€”

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
31%
24
routing
13%
11
services
15%
22
ownership
27%
23
reputation
31%
13
geolocation
25%
22
Overall24%1015
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

πŸ“… Observation Timeline πŸ”„ Live

First Seen2026-05-10 16:14:06 UTC
Last Seen2026-06-26 02:20:36 UTC
Profile Built2026-06-26 08:22:36 UTC
Data FreshnessLive
Signal Types18
Total Observations19
πŸ” 18 signal types Β· 19 observations collected
This report is generated from 18+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API πŸ”§ Actions API πŸ“§ Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata β€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.