114.217.149.27
IP Intelligence Briefing: 114.217.149.27
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: China Telecom (AS4134), part of ChinaNet infrastructure.
- Geolocation: China (CN), inferred via mobile carrier data.
- Network Role: Mobile device (LTE/5G), not a cloud, CDN, or residential IP.
- Threat Indicators:
- Listed in 8 threat feeds (2 high-severity listings).
- No open ports or active services detected.
- No TLS certificates or HTTP banners.
---
**2. Observation History**
- Recent Activity (Last 30 Days):
- High-severity threat listing (June 17, 2026) with 8 feeds.
- Lower-confidence observation (June 10, 2026) with 2 feeds.
- No persistent malicious behavior or network changes.
---
**3. Relationships**
- Network Affiliation:
- Part of CHINANET-JS subnet (China Telecom).
- No direct links to known malicious organizations or domains.
- DNS/Email:
- No DNS records or email authentication (SPF/DKIM) detected.
---
**4. Neighborhood Analysis**
- Subnet: 114.217.149.27/24
- Abuse Density: 0% (no malicious neighbors detected).
- Subnet Classification: "Mostly clean" with no active threats.
---
**5. Recommendations**
- Monitor: Track threat feed listings and network behavior for anomalies.
- Block/Rate Limit: Consider blocking the IP due to high-severity threat associations.
- Investigate: Verify if the mobile device is linked to known compromised assets.
---
Note: The IP is part of a legitimate ISP network but requires closer scrutiny due to threat feed activity. No immediate action is required for the subnet, but the IP itself should be flagged for further analysis.
Source: IPDebrief Threat Intelligence Platform.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Chinanet Hostmaster |
| ASN | AS4134 |
| Network Name | โ |
| CIDR Block | 114.216.0.0/13 |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 โ Basic operator with some routing infrastructure |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 4 |
| routing | 30% | 3 | 4 |
| services | 24% | 2 | 3 |
| ownership | 24% | 3 | 4 |
| reputation | 23% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 25% | 13 | 20 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:03:31 UTC |
| Last Seen | 2026-06-22 09:46:01 UTC |
| Profile Built | 2026-06-22 09:55:42 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 30 |
Full dossier details are available via our API.