27.79.6.126
IP Intelligence Briefing: 27.79.6.126
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership: Registered to VIETTEL-VN (AS7552, APNIC) with no abuse reports.
- Geolocation: Vietnam (Da Nang), no precise coordinates.
- Network Role: Firewalled / No Services (no open ports, TLS, or HTTP activity).
- Threat Indicators: No malicious activity, spam, or known attacker associations.
---
**2. Observation History**
- Signal Density: 45 observations over 30 days (network, DNS, and routing signals).
- Risk Trends: Minimal risk (operator score 0.13), no persistent malicious behavior.
- Key Signals:
- DNSSEC validation confirmed.
- BGP prefix 27.79.0.0/21 (stable, no route changes).
- No spam, phishing, or malware campaigns linked.
---
**3. Relationships & Neighborhood**
- Network Affiliation: Same subnet (27.79.6.126/24) as VIETTEL-VN.
- Neighbor Risk:
- 15 IPs in subnet (241 total).
- 5 high-risk neighbors (e.g., 27.79.6.175: 65 risk score).
- Abuse Density: 0% (clean subnet).
---
**4. Actionable Recommendations**
- Firewall Rules:
- iptables: `iptables -A INPUT -s 27.79.6.126 -j DROP`
- Cloudflare WAF: Block IP with rule `ip.src eq 27.79.6.126`.
- AWS WAF: Add `27.79.6.126/32` to a new rule.
- Monitoring:
- Watch neighboring IPs (e.g., 27.79.6.175) for suspicious activity.
- Validate DNSSEC and BGP integrity for subnet 27.79.0.0/21.
---
**5. Summary**
The IP 27.79.6.126 is part of a Vietnamese ISP network with no direct malicious activity. While its risk score is moderate (40), the subnet is otherwise clean. However, 5 of 15 neighbors show higher risk scores, warranting closer monitoring. Use the provided firewall rules to block the IP and investigate anomalous traffic patterns in the subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-VNNIC-AP |
| ASN | AS7552 |
| Network Name | VIETTEL-VN |
| CIDR Block | 27.64.0.0/12 |
| RIR | APNIC |
| Country | VN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | localhost |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | localhost |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 18% | 1 | 2 |
| geolocation | 31% | 2 | 3 |
| Overall | 21% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-17 09:10:47 UTC |
| Last Seen | 2026-06-17 19:07:06 UTC |
| Profile Built | 2026-06-18 00:02:44 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 49 |
Full dossier details are available via our API.