219.248.65.30
IP Intelligence Dossier
Your IP: 216.73.216.123
๐ค Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 219.248.65.30
Date: 2026-06-17
---
**1. Risk Assessment**
- Risk Score: 80 (High Risk)
- Provider Score: 0 (Unverified)
- Authority Score: 0 (Unverified)
- Stability Score: 0 (Unverified)
- Threat Indicators: No direct malicious activity detected (no indicators, spam, or blacklist listings).
---
**2. Ownership & Geolocation**
- ASN: 9318 (IP Manager)
- Region: Gyeonggi-do, South Korea (KR)
- Coordinates: Latitude 35.91, Longitude 127.77
- Timezone: Asia/Seoul
- Network: 219.248.0.0/14 (APNIC registry)
---
**3. Network Role & Services**
- Service Purpose: Web Server (ports 443/HTTPS, 22/SSH open).
- TLS Certificate: Self-signed (issuer: *vpn100_BCCF4F6B3940*).
- HTTP Fingerprint: Status code 200, body hash `c3880ee25ca5d0cc`, no HSTS or HTTP/2.
- DNS: No PTR records or domain associations.
---
**4. Observation History**
- Last 30 Days:
- Stable geolocation (KR, 250km accuracy).
- No significant changes in risk scores or network behavior.
- Single observed HTTP request (June 16, 2026) with no anomalous headers.
---
**5. Relationships & Subnet**
- Network Relationships:
- Linked to subnet 219.248.65.30/24 (abuse density: 1, classification: "mostly_clean").
- No direct ties to known malicious entities or campaigns.
- Neighbors: No active sibling IPs in the subnet (0 neighbors).
---
**6. Recommendations**
- Monitor: Track changes in network behavior or new open ports (e.g., SSH/443).
- Verify: Confirm ownership of the ASN (9318) and validate the self-signed TLS certificate.
- Blocklist: Consider adding to WAF rules if traffic patterns deviate from expected behavior.
Note: While no direct threats are detected, the high risk score may reflect broader network risks (e.g., subnet abuse density). Further investigation into the ASN owner (IP Manager) is recommended.
---
*Generated by IPDebrief. All data sourced from observed signals and public records.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IP Manager |
| ASN | AS9318 |
| Network Name | broadNnet-KR |
| CIDR Block | 219.248.0.0/14 |
| RIR | APNIC |
| Country | KR |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 80, 3389, 8080, 8443 (2 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.8 |
๐ TLS Certificate
A self-signed certificate was detected. This is common for development servers, internal services, or IoT devices.
CN=vpn100_BCCF4F6B3940
Issued by CN=vpn100_BCCF4F6B3940
Self-signed: Yes
| SANs | None |
| Valid From | 2019-12-07T11:22:51+00:00 |
| Valid Until | 2029-12-04T11:22:51+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha256RSA |
| Validity Period | 3650 days |
| Serial Number | 00AA06375E8E80D60D |
| Thumbprint | 103F7A6050434E484BDE22E97F9F33206C0B17FA |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 28% | 2 | 4 |
| ownership | 24% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 22% | 10 | 17 |
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-07 23:04:12 UTC |
| Last Seen | 2026-06-26 18:11:09 UTC |
| Profile Built | 2026-06-25 09:48:28 UTC |
| Data Freshness | Fresh |
| Signal Types | 21 |
| Total Observations | 22 |
๐ 21 signal types ยท 22 observations collected
This report is generated from 21+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
โน๏ธ About This Report
All data shown is publicly available network metadata โ IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.