114.106.135.253
IP Intelligence Briefing: 114.106.135.253
Date: 2026-06-09
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Ownership:
- ASN: 4134 (China Telecom)
- Organization: Jinneng Wang (CHINANET-AH)
- Geolocation: Hefei, China (latitude 35.86, longitude 104.2)
- Network Role: Mobile Carrier (China Telecom) β LTE/5G technology, no public services detected.
- Threat Indicators: No malicious activity, spam, or known attacker associations.
---
**2. Temporal Observations**
- Latest Activity: 2026-06-09
- Geolocation inferred via multi-signal analysis (2500km accuracy).
- Operator score: Minimal (0.13).
- No persistent malicious behavior or DNS anomalies.
---
**3. Relationships & Subnet**
- Linked Entities:
- Same network: CHINANET-AH (ASN 4134).
- Subnet Neighbors (114.106.135.0/24):
- 2 IPs flagged at High Risk (50), 1 at Medium Risk (25), 1 unknown.
- Subnet abuse density: 0%.
---
**4. Actionable Recommendations**
- Firewall Blocking Rules:
- iptables: `iptables -A INPUT -s 114.106.135.253 -j DROP`
- Cloudflare WAF: Block IP with rule `{ "action": "block", "expression": "ip.src eq 114.106.135.253" }`
- AWS WAF: Add `114.106.135.253/32` to IP set.
- Monitoring:
- Investigate neighboring IPs with higher risk scores (e.g., 114.106.135.247).
- Verify geolocation consistency with network traffic patterns.
---
Conclusion:
This IP is part of China Telecomβs mobile carrier network with no direct malicious indicators. However, its subnet contains higher-risk IPs, warranting closer scrutiny. Implement blocking rules for mitigation and monitor related subnets for potential lateral movement.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Jinneng Wang |
| ASN | AS4134 |
| Network Name | CHINANET-AH |
| CIDR Block | 114.104.0.0/14 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-21 14:55:53 UTC |
| Last Seen | 2026-06-09 09:57:56 UTC |
| Profile Built | 2026-06-09 10:17:18 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 19 |
Full dossier details are available via our API.