112.27.38.203📋 Copy

IP Intelligence Briefing: 112.27.38.203

Date: 2026-06-03

---

**1. Risk Profile**

• Risk Score: 80 (High Risk)
• Provider: China Mobile (AS 9808, CMNET)
• Geolocation: Guangdong, China (Guangzhou)
• Network Role: Mobile (LTE/5G), no public services detected
• Threat Indicators: No malicious activity or abuse reports

---

**2. Observation History**

• Recent Activity:

- Detected as "Basic" risk (0.4 score) on 2026-06-03.

- Subnet abuse density: 1 (mostly clean).

- No persistent malicious behavior (threat observation count: 1).

• Trend: Stable risk profile with no significant changes over 30 days.

---

**3. Relationships**

• Network Affiliation:

- Linked to CMNET (China Mobile) via ASN 9808.

- No connections to known malicious networks, organizations, or domains.

• DNS/Services:

- No public DNS records, open ports, or TLS certificates detected.

---

**4. Neighborhood Analysis**

• Subnet: 112.27.38.203/24
• Neighbor Count: 0 (no sibling IPs detected).
• Abuse Density: 0 (no risky neighbors).

---

**5. Key Findings**

• The IP is part of China Mobile's CMNET network, registered to "haijun li" in Guangdong, China.
• High risk score (80) but no direct threat indicators (no malware, phishing, or spam associations).
• Isolated in its subnet with no neighboring IPs detected.
• Mobile network (LTE/5G) with no public services or DNS activity.

---

**6. Recommendations**

• Monitor for unexpected network changes or new services.
• Verify geolocation and ownership via RDAP for compliance.
• Consider blocking or restricting traffic from this IP if it aligns with your security policies.

Note: No immediate action required unless further threats emerge.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.