218.84.40.37
IP Intelligence Briefing: 218.84.40.37
Date: 2026-06-04
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership:
- AS: AS4134 (China Telecom)
- Organization: Chinanet Hostmaster (CHINANET-XJ)
- Location: Xinjiang, China (Xingfulu)
- Geolocation:
- Coordinates: Unresolved (ICMP blocked)
- Approximate distance from probe: 8,033 km (plausible, but unverified)
- Network Role:
- Mobile (LTE/5G)
- No open ports/services detected
- BGP prefix: `218.84.0.0/16`
---
**2. Threat & Risk Indicators**
- Threat Signals:
- 26 pulse detections (unspecified sources)
- No malicious indicators (no blacklists, campaigns, or abuse reports)
- Abuse Density:
- Subnet `218.84.40.37/24` has 1 abuse report (low density).
- No active malicious neighbors.
- Historical Trends:
- Recent observations show stable geolocation and network attributes.
- No persistent malicious activity detected.
---
**3. Relationships & Network Context**
- Linked Entities:
- Subnet: `218.84.0.0/16` (CHINANET-XJ)
- Provider: China Telecom (MCC 460, MNC 03)
- Subnet Analysis:
- 1 sibling IP in `218.84.40.0/24` (abuse density: 1).
- No active malicious siblings.
---
**4. Actionable Insights**
- SOC Recommendations:
- Monitor for unexpected network changes (e.g., new services, geolocation shifts).
- Validate geolocation with alternative methods due to ICMP blocking.
- Watch for anomalies in the `218.84.0.0/16` subnet, given historical threat pulses.
- Firewall/Network Rules:
- No immediate blocking required (low-risk profile).
- Consider whitelisting based on China Telecomβs mobile infrastructure context.
---
Conclusion:
218.84.40.37 is a low-risk IP associated with China Telecomβs mobile network in Xinjiang. While historical data shows minor threat pulses, no active malicious activity is detected. The subnet has minimal abuse density, but further validation of geolocation and monitoring for anomalies are recommended.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Chinanet Hostmaster |
| ASN | AS4134 |
| Network Name | CHINANET-XJ |
| CIDR Block | 218.84.0.0/16 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | β |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 15% | 2 | 2 |
| reputation | 21% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 19% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:12 UTC |
| Last Seen | 2026-06-23 08:12:46 UTC |
| Profile Built | 2026-06-23 08:44:39 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.