IP Intelligence Briefing: 43.157.67.70/32
Date: 2026-06-12
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Registered to IRT-ACEVILLEPTELTD-SG (ASN 132203) in Germany (Frankfurt am Main).
- Geolocation: Germany (Frankfurt), latitude/longitude unspecified.
- Threat Indicators: No active malware, phishing, or exploit campaigns detected.
- Network Role: Firewalled with no open services (ports, TLS, or HTTP).
---
**2. Behavioral & Threat History**
- Recent Activity (Last 30 Days):
  - June 11, 2026: Linked to AS132203 (Tencent Infrastructure) with 50+ threat pulses (e.g., "Pulse Names" in OTX).
  - June 10, 2026: Subnet 43.157.67.0/24 classified as "mostly_clean" with 1 threat sibling.
- Stability: No persistent malicious behavior; risk score remains minimal.
---
**3. Relationships & Network Context**
- Connected Entities:
  - Same network: ACEVILLEPTELTD-SG (repeated in relationships).
  - No direct links to known C2 servers, CDN nodes, or honeypots.
- Subnet Analysis:
  - 43.157.67.0/24 has 1 active sibling IP; abuse density is low (1/100).
---
**4. DNS & Service Footprint**
- DNS: No PTR records, domains, or email auth (SPF/DKIM).
- Services: No open ports, TLS certs, or HTTP banners detected.
---
**5. Recommendations**
- Monitor: Track AS132203 (Tencent) for potential lateral movement or infrastructure reuse.
- Verify: Confirm geolocation accuracy, as latitude/longitude are missing.
- Baseline: Use historical data to detect anomalies in future observations.
Conclusion: The IP appears benign but is associated with a Chinese infrastructure provider. SOC teams should maintain vigilance due to recent threat pulses and ensure alignment with network segmentation policies.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IRT-ACEVILLEPTELTD-SG |
| ASN | AS132203 |
| Network Name | - |
| CIDR Block | - |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 8% | 1 | 1 |
| services | 12% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 33% | 2 | 3 |
| Overall | 21% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-28 14:32:57 UTC |
| Last Seen | 2026-06-28 12:22:20 UTC |
| Profile Built | 2026-06-29 06:28:35 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 22 |