218.17.240.5
IP Intelligence Briefing: 218.17.240.5
Date: 2026-06-03
---
**1. Risk Profile**
- Overall Risk: Low Risk (Risk Score: 0)
- Provider Score: 0 | Authority Score: 0 | Stability Score: 0
- Threat Indicators: None detected (no malware, phishing, or malicious campaigns linked).
---
**2. Ownership & Geolocation**
- ISP: China Telecom (ASN 4134, APNIC)
- Location: Guangdong, Guangzhou (Yuexiu Qu), China
- Mobile Carrier: China Telecom (LTE/5G)
- Geolocation Validity: ICMP blocked, unable to validate (high latency, potential proxy/VPN).
---
**3. Network Behavior**
- Subnet: 218.17.240.0/24 (abuse density: 0, no malicious neighbors detected).
- Services: No open ports, no TLS certificates, no HTTP services.
- Mobile Device: Likely a mobile device (no residential/residential-like patterns).
---
**4. Threat Observations**
- Historical Data:
- Last 30 days: 19 observations (geolocation, routing, DNS).
- No persistent malicious activity or campaign associations.
- DNS Activity:
- Failed DNS queries (timeout errors) to internal IPs (e.g., 192.168.2.108).
- No public domain associations or email authentication (SPF/DKIM).
---
**5. Relationships & Context**
- Network Links:
- Linked to "zhongguodianxin" network (China Telecom).
- No known malicious peers in the /24 subnet.
- Certificates: No TLS/SSL certificates found.
- Routing: BGP prefix 218.16.0.0/14, route stability: unstable.
---
**6. Recommendations**
- Monitor: Track DNS resolution attempts and geolocation validation attempts.
- Firewall: No immediate blocking required; focus on network segmentation for mobile devices.
- Investigate: DNS timeout errors may indicate misconfigured DNS settings or internal network issues.
Conclusion: 218.17.240.5 appears to be a legitimate mobile device on China Telecomβs network with no current threat indicators. However, DNS anomalies warrant further investigation to rule out internal network misconfigurations or potential spoofing.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | IPMASTER CHINANET-GD |
| ASN | AS4134 |
| Network Name | zhongguodianxin |
| CIDR Block | 218.17.240.0/24 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | β |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 30% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 26% | 2 | 3 |
| ownership | 15% | 2 | 2 |
| reputation | 23% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 23% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:12 UTC |
| Last Seen | 2026-06-23 08:02:54 UTC |
| Profile Built | 2026-06-23 08:11:29 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.