Your IP: 216.73.216.123
π€ Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 223.71.254.162
Date: 2026-06-08
---
**1. Risk Profile**
- Risk Score: 80 (High Risk)
- Provider: China Mobile (IRT-CHINAMOBILE-CN, ASN 56048)
- Geolocation: Beijing, China (inferred with 52% confidence)
- Network Role: Mobile Carrier (CMNET)
---
**2. Threat Indicators**
- No Direct Threats: No malware, spam, or known attacker activity detected.
- DNSBL Listings: 5/8 DNSBL lists (potential abuse risk, but no confirmed malicious activity).
- DNSSEC Valid: Secure DNS resolution.
---
**3. Network Behavior**
- Subnet: 223.71.254.0/24 (clean, 0 abuse density).
- Mobile Carrier: Likely a mobile subscriber IP (no residential/vpn/cloud indicators).
- Routing: Stable BGP prefix (223.71.254.0/24), no recent route changes.
---
**4. Historical Observations (Last 30 Days)**
- Risk Trends: Minimal risk (0.13 operator score) with no persistent malicious activity.
- Geolocation Consensus: Inferred as Beijing, China (2500km accuracy radius).
- No Scans/Probes: No detected port scans, TLS handshakes, or HTTP services.
---
**5. Relationships & Neighbors**
- Linked Entities: Part of CMNET network (same provider/organization).
- Neighboring IPs: No active siblings in 223.71.254.0/24 subnet.
---
**6. Recommendations**
- Monitor DNSBL Status: Track DNSBL listings for potential abuse.
- Verify Ownership: Confirm China Mobile's ownership and network segmentation.
- Block Unnecessary Traffic: Restrict access to this IP if itβs not a legitimate mobile subscriber.
---
Conclusion: This IP is a mobile carrier-owned asset in China with no direct malicious activity. While DNSBL listings suggest potential abuse risk, historical data shows no confirmed threats. SOC teams should monitor for unexpected behavior or changes in network activity.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | IRT-CHINAMOBILE-CN |
| ASN | AS56048 |
| Network Name | CMNET |
| CIDR Block | 223.64.0.0/11 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
No certificate
Issued by β
N/A
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 28% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 24% | 9 | 14 |
Coverage: 6/6 dimensions Β· Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:14 UTC |
| Last Seen | 2026-06-26 18:11:11 UTC |
| Profile Built | 2026-06-23 09:35:40 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 25 |
π 17 signal types Β· 25 observations collected
This report is generated from 17+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
βΉοΈ About This Report
All data shown is publicly available network metadata β IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.