153.0.127.134
IP Intelligence Briefing: 153.0.127.134
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership: ChinaUnicom Hostmaster (ASN 4837, apnic)
- Geolocation: China (P.R. China), Shanghai, Latitude 34.77, Longitude 113.72
- Network Role: Mobile (LTE/5G) | No public services | Firewalled
- Threat Indicators: No active malware, phishing, or exploit activity detected.
---
**2. Threat & Security Signals**
- DNSBL Listings: Flagged by 2/8 DNSBLs (low-severity).
- DNSSEC: Validated.
- BGP: Stable route (prefix 153.0.0.0/16), no route changes in 30 days.
- Historical Observations (Last 30 Days):
- Mixed signals (DNSSEC, threat routing, DNSBL).
- No persistent malicious activity.
- No correlation with known campaigns or C2 infrastructure.
---
**3. Relationships & Network Context**
- Linked Entities:
- Subnet: 153.0.0.0/16 (ChinaUnicom "UNICOM-HI").
- No direct ties to known malicious organizations or domains.
- Neighboring IPs (153.0.127.120):
- Moderate risk (50/100).
- Subnet abuse density: 0% (low risk).
---
**4. Actionable Insights**
- Monitor DNS Activity: Investigate DNSBL listings for potential false positives or misconfigurations.
- Verify Mobile Carrier Use: Confirm legitimate mobile LTE/5G usage given ownership by ChinaUnicom.
- No Immediate Mitigation Needed: No active threats, but DNSBL flags suggest further validation.
---
Conclusion:
153.0.127.134 is a mobile carrier IP with no direct malicious activity. While it has minimal DNSBL flags, the lack of threat indicators and stable BGP routing suggest it is likely legitimate. Continue monitoring DNSSEC and DNSBL status for anomalies.
Recommended Tools: DNS lookup, DNSBL validation, and mobile carrier traffic analysis.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | ChinaUnicom Hostmaster |
| ASN | AS4837 |
| Network Name | UNICOM-HI |
| CIDR Block | 153.0.0.0/16 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 1 | 2 |
| routing | 19% | 1 | 2 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 16% | 6 | 9 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-23 18:28:52 UTC |
| Last Seen | 2026-06-10 10:07:07 UTC |
| Profile Built | 2026-06-10 10:16:08 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 15 |
Full dossier details are available via our API.