27.78.70.85
IP Intelligence Briefing: 27.78.70.85
Date: 2026-06-09
---
**1. Profile Summary**
- Risk Score: 50 (Moderate Risk)
- Ownership: Registered to IRT-VNNIC-AP (Viettel Group, Vietnam) under ASN 7552.
- Geolocation: Ho Chi Minh City, Vietnam (apnic registry).
- Threat Indicators: No detected malicious activity, spam, or known attacker associations.
- Network Role: Unknown infrastructure type; no open ports/services identified.
---
**2. Observation History**
- Latest Activity: June 9, 2026 (confidence 0.30).
- Operator Score: Minimal risk (0.1304).
- Subnet Abuse Density: 0% (clean).
- Stability: Route stability flagged as unstable (potential network changes).
---
**3. Relationships**
- Network Associations: Linked to VIETTEL-VN (same network).
- DNS: Resolves to localhost (likely internal or misconfigured).
- No External Threat Links: No correlations to known campaigns, domains, or malicious certificates.
---
**4. Neighborhood Analysis**
- Subnet: 27.78.70.85/24.
- Neighbor Risk: 0 active/compromised IPs in subnet (clean).
- Abuse Density: 0% (low risk).
---
**5. Recommended Actions**
- Firewall Rules:
- Block IP via:
```bash
iptables -A INPUT -s 27.78.70.85 -j DROP
nft add rule inet filter input ip saddr 27.78.70.85 drop
```
- Update WAF rules (Cloudflare/AWS) to block the IP.
- Monitoring:
- Watch for unexpected network role changes or new services.
- Verify DNS resolution patterns (localhost may indicate misconfiguration).
---
**6. Conclusion**
The IP is registered to a Vietnamese ISP and shows no direct malicious indicators. However, its moderate risk score and unstable routing suggest further monitoring. The association with localhost and lack of clear network role warrant investigation into potential misconfigurations or internal testing. Proceed with cautious blocking and continuous observation.
Threat Level: Low to Moderate (monitor for anomalies).
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-VNNIC-AP |
| ASN | AS7552 |
| Network Name | VIETTEL-VN |
| CIDR Block | 27.64.0.0/12 |
| RIR | APNIC |
| Country | VN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | localhost |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | localhost |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 27% | 2 | 2 |
| routing | 19% | 1 | 2 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 25% | 1 | 1 |
| geolocation | 26% | 2 | 2 |
| Overall | 23% | 9 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-22 03:09:41 UTC |
| Last Seen | 2026-06-19 17:41:06 UTC |
| Profile Built | 2026-06-15 08:21:22 UTC |
| Data Freshness | Fresh |
| Signal Types | 17 |
| Total Observations | 17 |
Full dossier details are available via our API.