# IPDEBRIEF INTELLIGENCE BRIEFING
Target IP: 43.166.244.251/32
Classification: LOW RISK
Date: 2026-06-28
---
## EXECUTIVE SUMMARY
IP 43.166.244.251 is classified as Low Risk with a risk score of 25. The address belongs to organization ACEVILLEPTELTD-SG (ASN 132203) and is geolocated to Ashburn, VA, US. No active threat indicators or malicious activity were observed during the intelligence collection period.
---
## OWNERSHIP & INFRASTRUCTURE
- Organization: IRT-ACEVILLEPTELTD-SG
- Netname: ACEVILLEPTELTD-SG
- ASN: 132203
- CIDR Block: 43.166.224.0/19
- RIR: APNIC
- Registration Age: 5,182 days
- Geolocation: United States, Virginia, Ashburn
The IP address is registered under APNIC and shows stable routing with zero route changes over the past 30 days. RPKI validation is not confirmed, but IRR consistency matches.
---
## THREAT ASSESSMENT
- Risk Score: 25 (Low)
- Reputation: Low Risk
- Threat Indicators: None detected
- Blacklist Count: 0
- Is Tor Exit Node: No
- Is Known Attacker: No
- Is Spam Source: No
- Abuse Confidence Score: Not available
- Known Campaigns: None
The IP shows no association with known threat campaigns, malicious banner patterns, or correlated IP addresses.
---
## NETWORK SERVICES
- Open Ports: None detected
- HTTP/TLS: No active web services
- DNS: No forward resolution, no PTR records
- Service Purpose: Firewalled / No Services
- Network Role: Infrastructure type classified as Unknown
The target IP is not actively serving web traffic or exposing open services.
---
## NEIGHBORHOOD ANALYSIS
The IP resides in subnet 43.166.244.0/24 with the following characteristics:
- Subnet Abuse Density: 0.5
- Classification: Mostly Clean
- Total Siblings: 2
- Active Siblings: 2
- Threat Siblings: 1
Neighboring IP addresses in the /24:
| IP Address | Risk Score | Authority Score |
|---|---|---|
| 43.166.244.66 | 25 | 50 |
| 43.166.244.192 | 25 | 50 |
All neighbors maintain low risk profiles.
---
## OBSERVATION HISTORY
The IP has 29 historical observations. Key temporal trends include:
- 2026-06-28: Minimal threat level, zero active signals
- 2026-06-09: Subnet classification "mostly_clean," abuse density 0.5
- Ownership Changes: 0
- Threat Persistence Days: 0
- Is Persistently Malicious: No
No escalating threat patterns were observed over the monitoring period.
---
## RELATIONSHIP GRAPH
The IP has 13 documented relationships:
- Same Network: Multiple associations to ACEVILLEPTELTD-SG network
- DNS Associations: Timeout errors logged to internal addresses (192.168.2.108#53)
No certificate associations or external hostname mappings were detected.
---
## RECOMMENDED ACTIONS
Based on the risk profile, the following security actions are recommended:
1. Traffic Monitoring: Monitor for any service activity, as the current profile shows no open ports
2. DNS Filtering: No specific DNS filtering required; standard monitoring applies
3. Firewall Rules: Default allow/deny policies appropriate; no specific block rules required
4. Threat Intelligence: No immediate threat intelligence alerts triggered
---
## SOC ANALYST NOTES
- IP 43.166.244.251 shows no malicious indicators
- Neighborhood abuse density is moderate (0.5) but classification remains "mostly_clean"
- No correlation to known threat campaigns or C2 infrastructure
- Recommended for routine monitoring rather than immediate blocking
---
END OF BRIEFING
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
## Ownership & Registration

| Field | Value |
|---|---|
| Organization | IRT-ACEVILLEPTELTD-SG |
| ASN | AS132203 |
| Network Name | ACEVILLEPTELTD-SG |
| CIDR Block | 43.166.224.0/19 |
| RIR | APNIC |
| Country | US |
| Abuse Contact | Available via RDAP |
## DNS Intelligence

| Field | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
## DNS Hygiene

| Field | Value |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
## Network Classification

| Field | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
## Services & Open Ports

| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Field | Value |
|---|---|
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) |
| Server | - |
| HTTP Title | - |
## TLS Certificate

| Field | Value |
|---|---|
| SANs | None |
| Valid From | - |
| Valid Until | - |
## Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness

| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 3 |
| routing | 22% | 3 | 4 |
| services | 20% | 2 | 3 |
| ownership | 27% | 3 | 4 |
| reputation | 22% | 1 | 2 |
| geolocation | 25% | 2 | 2 |
| Overall | 24% | 13 | 18 |

| Metric | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |

Signals: Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid
## Observation Timeline (Live)

| Field | Value |
|---|---|
| First Seen | 2026-05-21 05:50:59 UTC |
| Last Seen | 2026-06-28 05:23:49 UTC |
| Profile Built | 2026-06-28 23:27:57 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 31 |