211.20.23.187
IP Intelligence Briefing: 211.20.23.187
Date: 2026-06-18
---
**1. Core Profile**
- Risk Score: 30 (Low Risk)
- Ownership: HINET Network-Adm (AS3462), Taiwan.
- Geolocation: New Taipei City, Taiwan (23.7°N, 120.96°E).
- Network Role: Mobile IP (Chunghwa Telecom Co., Ltd.), LTE/5G.
- Services: HTTP, HTTPS, SSH, HTTPS-alt (Kestrel server).
- TLS Certificate: Issued to Moxa Inc. (valid, no self-signed).
- Threat Indicators: No malicious activity, no known campaigns, no blacklisted.
---
**2. Observation History**
- Recent Activity (2026-06-18):
- Mobile device with LTE/5G connectivity.
- HTTP server returned 404 status code.
- Geolocation consistent (200km accuracy).
- No spikes in threat signals or DNS anomalies.
- Long-Term Trends:
- Stable risk profile (no persistent malicious behavior).
- No correlated IPs or certificate mismatches.
---
**3. Network Relationships**
- DNS Associations:
- Resolves to `211-20-23-187.hinet-ip.hinet.net`.
- Network Context:
- Part of HINET-NET (211.20.0.0/16), managed by HINET.
- No direct links to C2 servers, botnets, or malicious subnets.
---
**4. Neighborhood Analysis**
- Subnet: 211.20.23.187/24.
- Abuse Density: 1 (mostly clean).
- Neighbors: No active or risky sibling IPs found.
---
**5. Recommendations**
- SOC Action: Monitor for unexpected service changes or DNS anomalies.
- Firewall: No immediate blocking required; IP is low-risk.
- Context: Legitimate mobile IP from a Taiwanese ISP; no evidence of compromise.
Conclusion: 211.20.23.187 is a benign mobile IP associated with HINET. No threat detected; continue standard monitoring.
---
*Generated via IPDebrief intelligence tools.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | HINET Network-Adm |
| ASN | AS3462 |
| Network Name | HINET-NET |
| CIDR Block | 211.20.0.0/16 |
| RIR | APNIC |
| Country | TW |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR | 211-20-23-187.hinet-ip.hinet.net |
| Forward Confirmed | Yes โ FCrDNS verified |
| Forward Hostnames | 211-20-23-187.hinet-ip.hinet.net |
๐ DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Web Server |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | โ |
| 8443 | https-alt | tcp | โ |
| Closed Ports | 25, 3389, 8080 (4 open / 7 scanned) | ||
| Server | Kestrel |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | 2026-03-27T13:46:30+00:00 |
| Valid Until | 2028-06-28T13:46:30+00:00 |
| TLS Protocol | Tls12 |
| Cipher Suite | TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 824 days |
| Serial Number | 6998E8163C28A9B83B27CD23AB6F5DB8 |
| Thumbprint | 7EEB4F3DC8C3B5630FAEB8FFD7074C4E6AFD5143 |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 31% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 28% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 25% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 24% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (70%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-07 23:04:10 UTC |
| Last Seen | 2026-06-23 07:02:04 UTC |
| Profile Built | 2026-06-21 20:02:28 UTC |
| Data Freshness | Fresh |
| Signal Types | 21 |
| Total Observations | 22 |
Full dossier details are available via our API.