183.251.233.69

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

INTELLIGENCE BRIEFING: IP 183.251.233.69/32

Classification: MODERATE RISK (Score: 65)

Date: Current Assessment

---

OWNERSHIP & ATTRIBUTION

IP 183.251.233.69 is assigned to ASN 9808 (haijun li) under the CMNET network block (183.192.0.0/10). The address is registered through APNIC and is currently attributed to China Mobile infrastructure. The IP operates on a mobile carrier network (China Mobile, MCC 460, MNC 00) utilizing LTE/5G connection technology.

GEOGRAPHIC CONTEXT

Geolocation data consistently places the address in China (CN), specifically Fujian province. Multiple geolocation signals converge on this location with moderate confidence. No precise city-level data available; accuracy radius spans 2,500km.

THREAT INDICATORS

DNSBL Listings: 3 out of 8 total DNS blacklists show listings for this IP (max severity: high)
Reputation: Moderate risk designation with no current active threat campaigns detected
Malicious Classifications: Not flagged as Tor exit, known attacker, or spam source
Abuse Confidence: Variable (data shows 0.15–0.52 confidence across signals)

NETWORK CHARACTERISTICS

Service Status: No open ports detected; classification indicates "Firewalled / No Services"
DNS Resolution: No forward DNS resolution confirmed; no PTR hostnames
Mobile Classification: Confirmed mobile network origin (not residential, hosting, or cloud infrastructure)
Route Stability: BGP prefix 183.251.232.0/21 shows route instability

TEMPORAL ANALYSIS

Observation history contains 15 data points with the most recent signals from June 2026. Historical data shows:

Blacklist activity present across multiple reputation feeds
Network classification signals showing minimal operator risk (0.1304 operator score)
No persistent malicious behavior detected over observation period

RELATIONSHIP MAPPING

The IP exhibits 14 relationship links, all pointing to CMNET network identifiers. No organizational or certificate relationships identified.

NEIGHBORHOOD ASSESSMENT

Subnet 183.251.233.69/24 shows:

Abuse density: 0
Sibling IPs: 1 total, 0 active
Classification: Clean
No inherited risk from neighboring addresses

RECOMMENDED ACTIONS

1. Monitor: Maintain monitoring due to moderate risk score (65) and multiple DNSBL listings

2. Allow: No immediate blocking required; IP not classified as high-confidence threat actor

3. Investigate: If traffic patterns from this IP show unusual behavior, correlate with mobile carrier logs for source validation

RISK ASSESSMENT SUMMARY

This IP represents moderate-risk infrastructure originating from China Mobile's mobile network in Fujian. While no active threat indicators are present, the IP carries multiple DNSBL listings and shows route instability. Recommended as monitored traffic rather than blocked, with investigation triggered only on anomalous behavioral patterns.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇨🇳 China
Region	Guangdong
City	Guangzhou
Timezone	—
Latitude	24.48
Longitude	118.07

🏢 Ownership & Registration

Organization	haijun li
ASN	AS9808
Network Name	CMNET
CIDR Block	183.192.0.0/10
RIR	APNIC
Country	CN
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Mobile
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

Mobile

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	21%	2	2
routing	13%	1	1
services	8%	1	1
ownership	27%	2	3
reputation	15%	1	2
geolocation	21%	2	2
Overall	18%	9	11

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-07 23:04:00 UTC
Last Seen	2026-06-23 00:18:04 UTC
Profile Built	2026-06-23 00:29:17 UTC
Data Freshness	Live
Signal Types	16
Total Observations	18

🔍 16 signal types · 18 observations collected

This report is generated from 16+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

183.251.233.69📋 Copy