IP Intelligence Briefing: 219.146.75.30
Date: 2026-06-18
---
**1. Core Risk Profile**
- Risk Score: 80 (High Risk)
- Ownership:
  - ASN: 4134 (CHINANET-SD, China Telecom)
  - Organization: Xin Ruosheng (APNIC registrant)
  - Country: China (CN)
- Threat Indicators:
  - No direct malware campaigns or known attacker associations.
  - DNSBL Listings: 5/8 total lists (moderate risk).
  - DNSSEC Validity: Confirmed.
- Network Role:
  - Mobile Carrier: China Telecom (LTE/5G).
  - Subnet: 219.146.75.30/24 (part of larger 219.146.0.0/16 block).
  - Classification: "Firewalled / No Services" (no open ports or TLS services detected).
---
**2. Observation History**
- Recent Activity (2026-06-18):
  - DNSSEC Validity: Confirmed (score: 0.15).
  - Operator Risk Score: 0.13 (Minimal).
  - Geolocation: Inferred as China (35.86°N, 104.2°E) with 2500 km accuracy radius.
  - Threat Signals: No active malicious campaigns or spam sources.
---
**3. Network Relationships**
- Shared Network:
  - Linked to CHINANET-SD (China Telecom) and 219.146.0.0/16 subnet.
  - Subnet Abuse Density: 1 (mostly clean, but inherited risk score of 2).
- Neighbors:
  - No neighboring IPs found in the 219.146.75.30/24 subnet (data may be incomplete).
---
**4. Actionable Insights**
- Risk Context:
  - High-risk score despite no direct malicious activity, likely due to DNSBL listings and mobile carrier association.
  - Monitor for unexpected traffic patterns or DNS changes.
- Recommendations:
  - Block/Restrict: Consider blocking this IP if it's associated with unauthorized access attempts.
  - Verify DNSBL: Investigate the 5 DNSBL listings (e.g., Spamhaus, Barracuda) to confirm legitimacy.
  - Network Segmentation: Ensure mobile carrier traffic is isolated from internal networks.
---
Conclusion:
219.146.75.30 is a high-risk IP linked to China Telecom's mobile network, with moderate DNSBL exposure. While no direct malicious activity is detected, its association with a high-risk subnet and DNSBL listings warrants closer monitoring. SOC teams should validate DNSBL entries and segment mobile carrier traffic to mitigate potential threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Xin Ruosheng |
| ASN | AS4134 |
| Network Name | CHINANET-SD |
| CIDR Block | 219.147.0.0/19 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 33% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 24% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:12 UTC |
| Last Seen | 2026-06-26 14:31:36 UTC |
| Profile Built | 2026-06-23 08:19:05 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 18 |