27.79.6.77
IP Intelligence Dossier
Your IP: 216.73.216.123
๐ค Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 27.79.6.77/32
Date: 2026-06-07
---
**1. Risk Profile**
- Risk Score: 55 (Moderate Risk)
- Provider: IRT-VNNIC-AP (Vietnam)
- Geolocation: Da Nang, Vietnam (AS7552)
- Network Role: Single-service HTTP host (port 80)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or abuse reports).
---
**2. Observation History**
- HTTP Activity: Consistent HTTP/1.1 service with "Webs" server banner since 2026-06-03.
- TLS/SSL: No TLS certificate observed.
- Scans: Detected open port 80, no other open ports.
- Subnet Stability: Subnet (27.79.6.0/24) shows mixed risk, with 6/15 neighbors flagged as medium/high risk.
---
**3. Relationships & Network Context**
- Network Affiliation: Linked to VIETTEL-VN (Vietnam telecom provider).
- DNS: PTR record points to "localhost" (potentially misconfigured or a honeypot).
- Subnet Abuse Density: 36.36% of neighbors show abuse risk, with 27.79.6.175 (risk score 65) as the highest-risk sibling.
---
**4. Actionable Insights**
- Monitor Subnet: High-risk neighbors (e.g., 27.79.6.175) may indicate compromised hosts or botnet activity.
- Verify DNS Configuration: Investigate "localhost" PTR record for misconfigurations or spoofing.
- Baseline HTTP Traffic: The consistent "Webs" server banner and HTTP/1.1 protocol suggest a static, non-malicious service.
- Subnet Segmentation: Consider isolating high-risk neighbors to mitigate potential lateral movement.
---
Recommendation: No immediate blocking required for 27.79.6.77, but monitor its subnet for emerging threats. Further analysis of the "localhost" DNS anomaly and high-risk neighbors is advised.
Source: IPDebrief Threat Intelligence Platform.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-VNNIC-AP |
| ASN | AS7552 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | localhost |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | localhost |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | Webs |
| HTTP Title | โ |
๐ TLS Certificate
No certificate
Issued by โ
N/A
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 35% | 2 | 4 |
| ownership | 27% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 35% | 2 | 3 |
| Overall | 24% | 10 | 15 |
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-14 19:29:08 UTC |
| Last Seen | 2026-06-13 03:45:38 UTC |
| Profile Built | 2026-06-13 09:15:53 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 20 |
๐ 20 signal types ยท 20 observations collected
This report is generated from 20+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
โน๏ธ About This Report
All data shown is publicly available network metadata โ IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.