183.196.144.45
IP Intelligence Briefing: 183.196.144.45/32
Date: June 2, 2026
---
**1. Risk Profile**
- Risk Score: 80/100 (High Risk)
- Ownership: Owned by "haijun li" (CMNET, China)
- Geolocation: Registered to Beijing, China (latitude/longitude missing, 2500km accuracy radius)
- Network Role: Firewalled with no open services; classified as "mostly_clean" subnet but with inherited risk (2/10).
---
**2. Threat Indicators**
- No direct threat indicators (no malware, C2, or phishing campaigns detected).
- DNS Associations: Failed to resolve DNS records (timed out errors).
- Subnet Abuse: Subnet (183.196.144.0/24) has low abuse density (1/10), but the IPβs risk score is elevated.
---
**3. Observational History**
- Recent Activity (June 2, 2026):
- Geolocation inferred via multi-signal inference (latitude: 35.86, longitude: 104.2).
- Network scans detected (no open ports confirmed).
- No persistent malicious activity or campaign linkage.
---
**4. Relationships & Context**
- Network Links:
- Strong association with CMNET (same ASN: 24547).
- DNS queries failed, suggesting potential misconfiguration or evasion.
- Subnet Neighbors: No active neighbors reported in the /24 subnet.
---
**5. Recommended Actions**
- Block the IP using firewall rules:
- iptables: `iptables -A INPUT -s 183.196.144.45 -j DROP`
- Cloudflare WAF: Block IP with description "IPDebrief risk 80".
- AWS WAF: Add rule to block `183.196.144.45/32`.
- Monitor DNS Resolutions: Investigate failed DNS queries for misconfigurations or evasion.
- Verify Ownership: Confirm CMNETβs role and check for anomalous traffic patterns.
---
**6. Summary**
The IP 183.196.144.45 exhibits a high risk score despite low subnet abuse density. Its ownership by CMNET and geolocation in Beijing, China, suggest potential for legitimate traffic, but the lack of DNS resolution and elevated risk score warrant further scrutiny. Block the IP and monitor for unusual behavior.
Note: Risk scores are probabilistic; validate with additional context before taking action.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | haijun li |
| ASN | AS24547 |
| Network Name | CMNET |
| CIDR Block | 183.192.0.0/10 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 23% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:59 UTC |
| Last Seen | 2026-06-25 20:09:13 UTC |
| Profile Built | 2026-06-23 00:19:33 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 25 |
Full dossier details are available via our API.