175.43.163.239
IP Intelligence Briefing: 175.43.163.239
Date: 2026-06-06
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership:
- ASN: 4837
- Organization: China Unicom (QUAN ZHOU)
- Network: UNICOM-FJ-QUANZHOU-MAN
- Region: Fujian, Quanzhou, China
- Geolocation:
- Country: China (CN)
- City: Quanzhou
- Coordinates: Latitude 24.927, Longitude 118.5832
- Accuracy: 2500 km radius
---
**2. Threat Indicators**
- No malicious indicators detected:
- No DNS, TLS, or service anomalies.
- No known attacker, spam, or Tor exit node associations.
- Zero blacklist entries or campaign correlations.
- Mobile Network:
- Carrier: China Unicom (MCC 460, MNC 01).
- Technology: LTE/5G.
---
**3. Network Behavior**
- Subnet: 175.43.163.239/24
- Abuse Density: 0.25 (moderate risk).
- Neighbors: 5 IPs (2 high-risk, 2 medium-risk, 1 low-risk).
- Active Siblings: 1 (175.43.163.240, risk score 80).
- Threat Siblings: 1 (175.43.163.248, risk score 40).
- BGP:
- Prefix: 175.42.0.0/15.
- Route Stability: Unstable (route changes in 30 days).
---
**4. Historical Observations**
- Last 30 Days:
- Geolocation Consensus: Confirmed as Quanzhou, Fujian.
- Subnet Abuse: 0.2 density (mostly clean).
- Threat Persistence: No persistent malicious activity.
---
**5. Recommendations**
- Monitor Neighbors:
- Focus on 175.43.163.240 (high-risk neighbor) and 175.43.163.248 (medium-risk).
- Verify Mobile Activity:
- Confirm if this IP is part of a dynamic mobile network (LTE/5G) and check for unusual traffic patterns.
- Check Subnet Trends:
- Track changes in subnet abuse density, as the current 0.2 score suggests potential risk.
---
Conclusion:
The IP is part of a mobile network in China with no direct malicious activity. However, its subnet contains higher-risk neighbors, warranting further investigation. SOC teams should monitor for anomalies in the subnet and correlate with mobile carrier logs.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | QUAN ZHOU |
| ASN | AS4837 |
| Network Name | UNICOM-FJ-QUANZHOU-MAN |
| CIDR Block | 175.43.160.0/19 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 13% | 1 | 2 |
| geolocation | 27% | 2 | 3 |
| Overall | 19% | 10 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-11 02:50:40 UTC |
| Last Seen | 2026-06-26 06:44:35 UTC |
| Profile Built | 2026-06-26 06:56:16 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |
Full dossier details are available via our API.