103.163.220.244
IP Intelligence Briefing: 103.163.220.244
Date: 2026-06-02
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership:
- ASN: 206092
- Organization: XS Usenet (Netname: XSUSENETBV-AP)
- Country: Netherlands (NL)
- Geolocation:
- City: Chiyoda City (Japan) [Conflict: Country is NL, but city is Tokyo, suggesting possible data inconsistency]
- Coordinates: 52.13°N, 5.29°E
- ISP: XS Usenet (apnic registry)
- Threat Indicators:
- No active malicious indicators (no DNSBL listings, spam, or campaign ties).
- DNSSEC Valid: Yes.
- BGP: Subnet 103.163.220.0/24, with 0.0638% abuse density (mostly clean).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- DNSBL Listings: 2 entries (high severity, 0.85 confidence).
- Subnet Abuse Density: 6.38% (low risk).
- Network Stability: No route changes; stable BGP prefix.
- Geolocation Consistency: Mixed (city Tokyo vs. country NL).
---
**3. Network Relationships**
- Subnet: 103.163.220.0/24
- Neighbors (24 active IPs in subnet):
- Threat Siblings: 9 IPs with elevated risk.
- Risk Distribution: 2 medium-risk IPs, 141 total IPs (98% low risk).
- Linked Entities:
- Organization: XS Usenet (apnic).
- ASN: 206092 (SECFIREWALLAS - F.N.S. HOLDINGS LIMITED).
---
**4. Threat Context**
- No Direct Malicious Activity: No open ports, TLS certs, or services detected.
- Subnet Risks: While the IP itself is low risk, the subnet contains 9 risky neighbors.
- Geolocation Anomaly: City listed as Tokyo (Japan) despite country code NL (Netherlands). Verify data accuracy.
---
**5. Recommendations**
1. Monitor Subnet Activity: Track the 9 high-risk neighbors for potential lateral movement or network compromise.
2. Verify Geolocation: Investigate the conflicting city (Tokyo) vs. country (NL) data to avoid misclassification.
3. Check DNSBL Listings: Confirm if the 2 DNSBL entries are false positives or require mitigation.
4. Network Segmentation: Consider isolating this subnet if it hosts sensitive assets, given the presence of risky neighbors.
Conclusion: 103.163.220.244 is low risk but part of a subnet with mixed activity. Prioritize monitoring the broader network context.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | XS Usenet |
| ASN | AS206092 |
| Network Name | XSUSENETBV-AP |
| CIDR Block | 103.163.220.0/23 |
| RIR | APNIC |
| Country | NL |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 17% | 1 | 2 |
| geolocation | 30% | 2 | 3 |
| Overall | 22% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:03:25 UTC |
| Last Seen | 2026-06-22 06:29:34 UTC |
| Profile Built | 2026-06-22 06:35:32 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 23 |
Full dossier details are available via our API.