112.120.171.95
IP Intelligence Briefing: 112.120.171.95
*Last Updated: 2026-06-16*
---
**Overview**
- Risk Score: 25 (Low Risk)
- Provider: IRT-HKTIMS-HK (ASN 4760)
- Geolocation: Hong Kong (HK), Kowloon City, Whampoa Estate (22.4°N, 114.11°E)
- Network Role: Web server (HTTP/HTTPS/SSH)
- Services:
- Open ports: 80 (HTTP), 443 (HTTPS), 22 (SSH)
- SSH banner: `SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13`
- Server banner: Caddy
---
**Threat Indicators**
- No malicious activity detected in the last 30 days.
- No DNSBL listings or abuse confidence scores.
- TLS/SSL: No active certificates or vulnerabilities reported.
- Scans: Detected as a web server with Caddy (non-malicious).
---
**Observation History**
- June 16, 2026: Failed HTTPS connection attempt (low confidence).
- June 2, 2026:
- Port scan revealed open ports (80, 443, 22).
- SSH service identified with OpenSSH 8.2p1.
- Geo-validated as Hong Kong (RTT: 232โ234ms).
---
**Network Relationships**
- DNS: Linked to `n112120171095.netvigator.com` (netvigator.com domain).
- Subnet: Part of `112.120.171.95/24` (no risky neighbors reported).
- Hosting: Likely a residential or small business server (no CDN/VPN/Proxy detected).
---
**Actionable Insights**
1. No immediate mitigation required due to low risk profile.
2. Monitor DNS: Track `netvigator.com` for potential abuse or phishing activity.
3. Verify server configuration: Ensure Caddy server is properly secured (e.g., HTTP/2, HSTS).
4. Subnet Context: Subnet `112.120.171.95/24` has no reported abuse, but isolate if unusual traffic emerges.
---
*End of Briefing*
*Generated by IPDebrief Threat Intelligence Platform*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-HKTIMS-HK |
| ASN | AS4760 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | n112120171095.netvigator.com |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | n112120171095.netvigator.com |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | Caddy |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.13 |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 29% | 2 | 4 |
| ownership | 20% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 24% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-07 23:03:31 UTC |
| Last Seen | 2026-06-26 18:10:24 UTC |
| Profile Built | 2026-06-25 00:59:54 UTC |
| Data Freshness | Fresh |
| Signal Types | 24 |
| Total Observations | 25 |
Full dossier details are available via our API.