103.143.11.150
IP Intelligence Briefing: 103.143.11.150
*Generated via IPDebrief tools: Profile, History, Relationships, & Neighbors*
---
**Core Profile**
- Risk Score: 65 (Moderate Risk)
- Ownership:
- ASN 138152 (IRT-ACEMOB-HK, APNIC)
- Subnet: 103.143.11.0/24
- Geolocation:
- Country: US (geolocation plausible, 3,750km accuracy radius)
- Threat Indicators:
- No known malware, phishing, or exploit activity.
- No DNSBL listings or spam associations.
- Network Role:
- Firewalled / No Services (no open ports, TLS, or HTTP banners).
- BGP routes stable (no route changes in 30 days).
---
**Observation History**
- Recent Activity:
- BGP route stability confirmed (30-day observation window).
- No spikes in threat signals (e.g., scans, DNS anomalies).
- DNSSEC valid; no spoofing detected.
---
**Network Relationships**
- Linked Entities:
- Subnet: 103.143.11.0/24 (owned by IRT-ACEMOB-HK).
- BGP peers: ASN 138152 (self), with route propagation via 34549, 6461, 4229, and 21859.
- No Known Campaigns:
- No correlated IPs, TLS certs, or server banners linked to malicious activity.
---
**Subnet Analysis**
- Neighbor IPs:
- 103.143.11.168: Risk Score 25 (Low Risk).
- 103.143.11.229: Risk Score 59 (Medium Risk).
- Subnet Abuse Density: 0.33 (33% of IPs flagged as risky).
- Classification: "Mostly Clean" but with moderate abuse density.
---
**Actionable Insights**
1. Monitor Subnet: The 103.143.11.0/24 subnet has a 33% abuse density. Investigate the medium-risk neighbor (103.143.11.229) for potential lateral movement or shared infrastructure.
2. Verify Geolocation: While geolocated in the US, the IPβs origin (HK ASN) and routing path suggest potential misconfigurations or spoofing.
3. BGP Security: Confirm BGP origin authenticity (RPKI) for ASN 138152. The subnet has no route leaks or blackholing.
4. Firewall Rules: Consider allowing traffic only from trusted networks, given the IPβs firewalled state.
---
Conclusion: This IP is not directly malicious but resides in a subnet with moderate risk. Prioritize monitoring the subnet and verifying routing integrity. No immediate blocking required, but continuous observation is advised.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | IRT-ACEMOB-HK |
| ASN | AS138152 |
| Network Name | ACEMOB-HK |
| CIDR Block | 103.143.11.0/24 |
| RIR | APNIC |
| Country | US |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 42% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 18% | 2 | 2 |
| ownership | 41% | 3 | 5 |
| reputation | 32% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 30% | 12 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:25 UTC |
| Last Seen | 2026-06-26 18:10:12 UTC |
| Profile Built | 2026-06-22 06:25:13 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 25 |
Full dossier details are available via our API.