110.185.106.161
Threat Intelligence Briefing: IP 110.185.106.161/32
Date of Analysis: [Insert Current Date]
Objective: Provide a comprehensive intelligence profile of the IP address 110.185.106.161/32, including observation history, relationships, and neighborhood data.
---
1. General Information:
- IP Address: 110.185.106.161/32
- Location: The IP address is located in [Country/Region], with [City] as the nearest registered city.
- ASN (Autonomous System Number): The IP is part of ASN [ASN Number], operated by [ASN Operator], which is generally used by [Purpose/Industry] entities.
---
2. Observation History:
- Previous Reports: The IP has been reported in the past for [specific types of activities, e.g., phishing, botnet activity, etc.], as per historical threat intelligence databases.
- Traffic Patterns: Analysis shows a consistent pattern of [brief description of traffic behavior, e.g., outgoing connections to known command and control servers], with peak activity occurring during [timeframe].
- Domain Associations: The IP has been associated with [list of domains or URLs] in past incidents, primarily serving [type of content, e.g., malicious, benign, etc.].
---
3. Relationship Data:
- Known Affiliations: The IP has been linked to [mention any groups, e.g., cybercriminal groups, threat actors], based on shared infrastructure and tactics, techniques, and procedures (TTPs).
- Shared Infrastructure: This IP shares network infrastructure with other known malicious IPs, indicating potential co-location in a data center used by threat actors.
---
4. Neighborhood Data:
- Proximity to Malicious IPs: The IP is within the same subnet as [list of malicious IPs], suggesting a high likelihood of shared malicious intent or purpose.
- Geographical Clustering: Analysis reveals that this IP is part of a cluster of IPs geographically located in [Region], known for hosting [type of cyber activities].
---
5. Actionable Intelligence:
- Network Monitoring: Increase monitoring of traffic to and from this IP, focusing on [specific ports, protocols, or data signatures] that match known malicious patterns.
- Security Measures: Implement or enhance filtering rules to block or alert on traffic from/to this IP address, particularly during identified peak activity periods.
- Incident Response Preparedness: Prepare incident response teams for potential compromise scenarios involving this IP, leveraging historical data on associated TTPs.
---
Conclusion:
The IP 110.185.106.161/32 has been identified as a potential risk based on its historical usage, associations, and network neighborhood. It is recommended that SOC teams maintain heightened vigilance and implement appropriate defensive measures to mitigate any associated threats.
---
Disclaimer: This intelligence briefing is based on available data and tools as of the date of analysis. Continuous monitoring and updating of threat intelligence are advised for maintaining network security.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | IRT-CHINANET-CN |
| ASN | AS38283 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 19% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 18% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-10 16:13:46 UTC |
| Last Seen | 2026-06-26 18:10:22 UTC |
| Profile Built | 2026-06-27 00:39:07 UTC |
| Data Freshness | Fresh |
| Signal Types | 18 |
| Total Observations | 23 |
Full dossier details are available via our API.