124.121.31.25
IP Intelligence Dossier
Your IP: 216.73.216.123
๐ค Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 124.121.31.25
*Generated from IPDebrief analysis*
---
**1. Profile Summary**
- Risk Score: 40 (Moderate Risk)
- Ownership: Registered to IRT-TRUEINTERNET-TH (ASN 17552, APNIC).
- Geolocation: Thailand (Nonthaburi), latitude 15.87, longitude 100.99.
- Network Role: Web server (HTTPS on port 443).
- Threat Indicators: No malicious indicators, spam, or known attacker associations.
- Subnet: 124.121.31.25/24, classified as "mostly_clean" with 9% abuse density.
---
**2. Observation History**
- Geolocation: Confirmed as Thailand (Nonthaburi) with 500km accuracy.
- DNS: Resolves to ppp-124-121-31-25.revip2.asianet.co.th.
- BGP: Subnet 124.121.0.0/18 with stable routing (no recent changes).
- ICMP: Blocked, preventing traceroute validation.
---
**3. Network Relationships**
- DNS Associations: Linked to asianet.co.th domains.
- Subnet Peers:
- 124.121.31.5, 124.121.31.13, 124.121.31.17, etc. (all with similar risk scores).
- Shared Network: Part of TRUEBB-NET (ASN 17552).
---
**4. Subnet Neighborhood**
- Total Siblings: 11 IPs in 124.121.31.0/24.
- Active Siblings: 2 IPs with similar risk profiles.
- Threat Siblings: 1 IP flagged for potential abuse.
- Abuse Density: 9% (low risk for the subnet).
---
**5. Recommended Actions**
- Monitor: Track geolocation and DNS changes due to ICMP blocking.
- Firewall: Consider allowing HTTPS traffic (port 443) while blocking non-essential ports.
- Subnet Analysis: Investigate the single threat sibling in the subnet for potential lateral movement.
- DNS Validation: Verify domain ownership and SPF/DKIM records for email security.
---
Conclusion: The IP is a legitimate web server in Thailand with no immediate threats. However, the subnet contains a small risk profile, warranting continued monitoring for anomalies.
*Data sourced from IPDebrief threat intelligence platform.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-TRUEINTERNET-TH |
| ASN | AS17552 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | ppp-124-121-31-25.revip2.asianet.co.th |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | ppp-124-121-31-25.revip2.asianet.co.th |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | โ |
| Closed Ports | 22, 25, 80, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
No certificate
Issued by โ
N/A
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 26% | 2 | 3 |
| ownership | 26% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 26% | 10 | 17 |
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-07 23:03:37 UTC |
| Last Seen | 2026-06-22 12:42:04 UTC |
| Profile Built | 2026-06-22 17:40:04 UTC |
| Data Freshness | Fresh |
| Signal Types | 24 |
| Total Observations | 25 |
๐ 24 signal types ยท 25 observations collected
This report is generated from 24+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
โน๏ธ About This Report
All data shown is publicly available network metadata โ IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.