IP Intelligence Briefing: 183.71.251.66
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 55/100 (Moderate Risk)
- Provider: China Telecom (AS4134, CHINANET-CQ)
- Geolocation: China (CN), inferred via multi-signal geolocation with 2500 km accuracy radius.
- Network Role: Mobile Carrier (LTE/5G), no public services or hosting.
- Threat Indicators: No active malicious activity, no known campaigns, and no DNS/DNSBL listings.
---
**2. Observation History**
- Recent Activity (2026-06-17):
- High-confidence signals (0.85): Linked to 8 reputation sources, 3 high-severity listings.
- Operator Score: Minimal (0.13), indicating low network-level risk.
- Geolocation Consensus: Plausible in China, with inferred coordinates (35.86°N, 104.2°E).
- Historical Trends: No persistent threats; threat observation count is 0.
---
**3. Relationships & Network Context**
- Network Affiliation: Part of CHINANET-CQ (China Telecom), a major Chinese mobile carrier.
- Subnet: 183.71.251.66/24 (clean classification, no abusive neighbors).
- No Known Campaigns: No correlated IPs, certificates, or banners matching known malicious patterns.
---
**4. Security Recommendations**
- Firewall Actions:
- Block the IP using:
```bash
iptables -A INPUT -s 183.71.251.66 -j DROP
nft add rule inet filter input ip saddr 183.71.251.66 drop
```
- Update WAF rules (Cloudflare/AWS) to block this IP.
- Monitoring:
- Increase logging verbosity for traffic originating from this IP.
- Review historical signals for anomalies in geolocation or network behavior.
---
**5. Summary**
This IP is associated with a major Chinese mobile carrier and shows no direct signs of malicious activity. However, its moderate risk score and high-confidence geolocation signals warrant monitoring. SOC teams should block the IP and investigate any anomalous behavior linked to its network.
Next Steps: Validate geolocation data with internal sources; correlate with other network traffic for context.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Chinanet Hostmaster |
| ASN | AS4134 |
| Network Name | CHINANET-CQ |
| CIDR Block | 183.64.0.0/13 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 37% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 9 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:00 UTC |
| Last Seen | 2026-06-26 18:10:53 UTC |
| Profile Built | 2026-06-23 00:22:49 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 17 |
Full dossier details are available via our API.