116.178.131.109
# IP INTELLIGENCE BRIEFING
Target: 116.178.131.109/32
Classification: Low Risk / Mobile Infrastructure
Date: 2026-06-17
Analyst: IPDebrief Intelligence System
---
## EXECUTIVE SUMMARY
IP 116.178.131.109 is a low-risk mobile infrastructure endpoint operated by China Unicom (ASN 4837, IRT-UNICOM-CN). The IP demonstrates minimal threat activity with no known malicious indicators, no blacklist associations, and no open network services. Classification indicates mobile carrier infrastructure with residential connectivity patterns.
---
## OWNERSHIP & GELOCATION
| Attribute | Value |
|---|---|
| **ASN** | 4837 |
| **Organization** | IRT-UNICOM-CN |
| **Country** | China (CN) |
| **Region/City** | Shanghai (SH) |
| **Network Block** | 116.178.0.0/16 |
| **Provider** | China Unicom / China United Network Communications |
| **Connection Type** | Mobile (LTE/5G) |
| **Mobile Carrier** | China Unicom (MCC: 460, MNC: 01) |
| **IP Class** | Mobile Infrastructure |
---
## RISK ASSESSMENT
| Metric | Score | Assessment |
|---|---|---|
| **Overall Risk** | 25/100 | LOW RISK |
| **Provider Score** | 0 | No provider-level concerns |
| **Authority Score** | 0 | No authority concerns |
| **Operator Score** | 0.1304 | Minimal operator risk |
| **DNSBL Listings** | 1/8 | Minimal listing presence |
Threat Indicators
- Known Attacker: No
- Tor Exit Node: No
- Spam Source: No
- Blacklist Count: 0
- Known Campaigns: None identified
---
## NETWORK BEHAVIOR & SERVICES
- Service Status: Firewalled / No Services Detected
- Open Ports: None
- TLS Certificate: Not present
- HTTP/HTTPS: No active web services
- PTR Resolution: Unresolved
- Forward Resolution: Unconfirmed
- Hosted Domains: 0
---
## CONTROL PLANE ANALYSIS
- BGP Prefix: 116.178.0.0/16
- Origin ASN: 4837
- Route Stability: Not stable (route changes detected)
- Route Changes (30d): 0
- RPKI State: Not available
- IRRI Consistency: Not available
- DNSSEC: Valid
- MoAS Status: No
---
## NEIGHBORHOOD ANALYSIS (116.178.131.0/24)
| Metric | Value |
|---|---|
| **Subnet** | 116.178.131.0/24 |
| **Abuse Density** | 1 (Low) |
| **Classification** | Mostly Clean |
| **Total Siblings** | 1 |
| **Active Siblings** | 0 |
| **Threat Siblings** | 1 |
| **Risk Distribution** | High: 0, Medium: 0, Low: 0 |
*Note: Neighborhood shows minimal abuse activity with one sibling threat indicator.*
---
## OBSERVATION HISTORY
Total Observations: 15 signals recorded
Recent Signal Timeline:
1. 2026-06-17 06:22:26 UTC - Ownership stability assessment (Confidence: 85%)
2. 2026-06-17 06:20:52 UTC - Neighborhood analysis - Abuse density: 1, Classification: mostly_clean (Confidence: 40%)
3. 2026-06-17 06:19:14 UTC - Threat assessment - Not attacker, Not spam source, Blacklist count: 0 (Confidence: 20%)
4. 2026-06-17 06:16:53 UTC - Geolocation - Country: CN, Confidence: 52% (Confidence: 52%)
5. 2026-06-17 06:14:24 UTC - Operator score assessment - Label: Minimal (Confidence: 30%)
Threat Persistence: 0 days
Persistent Malicious Status: No
Ownership Changes: 0
---
## RELATIONSHIP GRAPH
- Same Network Relationships: 19 instances
- Target Organization: UNICOM (all relationships)
- Relationship Types: Network-level associations only
---
## SECURITY ACTIONS RECOMMENDATION
Risk Level: LOW
Action Priority: MONITOR / LOW PRIORITY
Based on the risk profile, this IP presents minimal threat to network security:
- No active malicious indicators
- Legitimate mobile carrier infrastructure
- No open services or attack vectors detected
- Neighborhood shows low abuse density
Recommended Handling:
- Allow traffic with standard logging
- No firewall blocking required
- No special monitoring beyond standard network baseline
- No WAF rules necessary
---
## CONCLUSION
IP 116.178.131.109 is classified as low-risk mobile infrastructure under China Unicom's operational network. No actionable threat indicators or malicious behavior observed. Standard network operations procedures apply.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-UNICOM-CN |
| ASN | AS4837 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 26% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:03:32 UTC |
| Last Seen | 2026-06-22 10:14:19 UTC |
| Profile Built | 2026-06-22 10:21:59 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |
Full dossier details are available via our API.