IP Intelligence Briefing: 175.207.243.95
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 55 (Moderate Risk)
- Ownership: ASN 4766 (IP Manager, KT Corporation, South Korea)
- Geolocation: Jeju City, South Korea (35.91°N, 127.77°E)
- Network Role: Mobile device (KT LTE/5G) | No CDN/VPN/Hosting
- Services: HTTP (80), HTTPS (443), SSH (22) | TLS Certificate Issuer: Ruckus Wireless Inc.
---
**2. Threat Indicators**
- No Direct Threats: No known malware, spam, or attacker associations.
- DNS Observations:
  - Listed in 3/8 DNSBLs (low abuse density).
- HTTP/HTTPS responses show 503 errors, but no malicious payloads.
- TLS Certificate: Self-signed, issued by Ruckus Wireless (potential internal use).
---
**3. Network Behavior**
- Subnet: 175.207.243.95/24 (clean, no malicious neighbors).
- Mobile Carrier: KT Corporation (MCC 450, MNC 08).
- BGP: Stable route (AS4766), no route changes in 30 days.
---
**4. Historical Activity**
- Recent Observations (June 2026):
  - 503 HTTP errors, likely infrastructure issues.
  - DNS listings flagged as "low severity" (3/8 lists).
- No persistent malicious activity or ownership changes.
---
**5. Recommendations**
- Monitor TLS Certificate: Investigate Ruckus Wireless certificate usage (internal vs. external).
- Check DNSBL Listings: Confirm legitimacy of DNSBL flags (e.g., Spamhaus, DNS-PHI).
- Track HTTP Errors: Monitor for recurring 503 errors indicating infrastructure instability.
- Network Segmentation: Ensure mobile device traffic is isolated from critical systems.
---
Conclusion:
The IP is a legitimate mobile device on KT's network with no immediate malicious activity. While DNSBL flags and TLS certificate anomalies warrant further investigation, the overall risk remains moderate. SOC teams should prioritize monitoring for unexpected service disruptions or new threat indicators.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IP Manager |
| ASN | AS4766 |
| Network Name | - |
| CIDR Block | 175.200.0.0/13 |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Web Server |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | - |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | 2020-12-26T12:20:12+00:00 |
| Valid Until | 2045-12-27T12:20:12+00:00 |
| TLS Protocol | Tls12 |
| Cipher Suite | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 9132 days |
| Serial Number | 2AE6BAF4 |
| Thumbprint | 0FEA6466C1C4A2211A66229331736D2A19A18F69 |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 27% | 2 | 3 |
| services | 28% | 2 | 3 |
| ownership | 27% | 3 | 4 |
| reputation | 15% | 1 | 2 |
| geolocation | 21% | 2 | 2 |
| Overall | 25% | 12 | 17 |
| Data Coherence | Mixed Signals (68%), 2 contradiction(s) |
| Attribution | Low (35%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
TLS certificate claims US but primary geo says KR
Observation Timeline (Fresh)
| First Seen | 2026-05-07 23:03:55 UTC |
| Last Seen | 2026-06-25 01:47:38 UTC |
| Profile Built | 2026-06-23 22:47:32 UTC |
| Data Freshness | Fresh |
| Signal Types | 23 |
| Total Observations | 24 |