IP Intelligence Briefing: 223.84.209.188
Date: 2026-06-08
**Risk Assessment**
- Risk Score: 80 (High Risk)
- Threat Indicators: No direct malicious activity detected (no known campaigns, spam, or attacker associations).
- Network Classification: Mobile carrier (CMNET) IP, flagged as "Firewalled / No Services."
**Ownership & Geolocation**
- ISP: China Mobile (IRT-CHINAMOBILE-CN)
- ASN: 56045 (CMNET)
- Geolocation: Beijing, China (approximate; ICMP validation failed due to firewall blocking).
- Subnet: 223.84.209.188/24 (abuse density: 0; no active neighbors reported).
**Threat Context**
- DNS Behavior: DNS queries timed out, suggesting potential filtering or misconfiguration.
- Historical Observations: Limited data (1 observation in 30 days), no persistent threats detected.
- Routing: BGP prefix 223.84.208.0/21, stable route with minimal ASN changes.
**Network Relationships**
- Linked Entities:
  - Same network (CMNET)
  - DNS resolution failures (hostnames unreachable).
- Subnet Activity: No active neighbors or threat siblings in the /24 subnet.
**Actionable Insights**
1. Monitor DNS Traffic: Investigate DNS resolution failures; potential misconfiguration or filtering.
2. Network Segmentation: Given mobile carrier context, ensure segmentation to limit lateral movement.
3. Geolocation Validation: Verify geolocation accuracy via alternative methods due to ICMP blocking.
4. Threat Intelligence Correlation: Cross-reference with other IPs in the CMNET ASN for potential associations.
Conclusion: High-risk due to carrier-grade infrastructure and incomplete DNS data, but no direct malicious activity detected. Prioritize monitoring for anomalies in DNS behavior or network segmentation breaches.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Organization | IRT-CHINAMOBILE-CN |
| ASN | AS56045 |
| Network Name | CMNET |
| CIDR Block | 223.64.0.0/11 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
**DNS Hygiene**
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
**TLS Certificate**
| SANs | None |
| Valid From | - |
| Valid Until | - |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 3 |
| routing | 20% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 26% | 2 | 3 |
| Overall | 23% | 9 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
**Observation Timeline** (Fresh)
| First Seen | 2026-05-07 23:04:14 UTC |
| Last Seen | 2026-06-26 18:11:11 UTC |
| Profile Built | 2026-06-25 09:44:01 UTC |
| Data Freshness | Fresh |
| Signal Types | 19 |
| Total Observations | 21 |