IP Intelligence Briefing: 27.24.141.147
Date: 2026-06-03
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership:
  - ASN: 4134
  - Organization: Zhengding Cai (CHINANET-HB)
  - ISP: China Telecom
- Geolocation: P.R. China (CN)
- Network Role: Mobile network (LTE/5G) with no public services or hosting.
- Threat Indicators: No direct malicious activity detected, but subnet (27.24.141.0/24) shows high abuse density (0.6667) and 8/12 neighbors flagged as high-risk.
---
**2. Observation History**
- Recent Activity (Last 30 Days):
  - Consistent high-risk classification with abuse density and neighbor risk scores.
  - DNS resolution issues noted (timed-out queries to internal DNS servers).
  - No significant changes in threat signals or network behavior.
---
**3. Relationships & Network Context**
- Linked Entities:
  - Subnet: 27.24.141.0/24 (12 IPs, 9 active; 8 high-risk neighbors).
  - Organization: CHINANET-HB (China Telecom).
  - DNS Associations: Failed to resolve hostnames, suggesting potential misconfiguration or spoofing.
---
**4. Neighborhood Analysis**
- Subnet Risk:
  - Abuse Density: 66.67% (high-risk classification).
  - High-Risk Neighbors: 8/12 IPs (risk scores ≥80).
  - Inherited Risk: 20% (likely due to compromised subnet).
- Notable Neighbors:
  - IPs 27.24.141.88, 95, 111, 112, 119, 122, 156, 160–161, 169 (all high-risk).
---
**5. Recommendations**
- Block/Restrict: Implement network rules to block traffic from 27.24.141.0/24 due to high abuse density and compromised neighbors.
- Monitor Subnet: Continuously observe the subnet for lateral movement or new threats.
- Investigate DNS Issues: Verify DNS configuration or potential spoofing in the 27.24.141.0/24 range.
- Validate Geolocation: Cross-check IP ownership with China Telecom to confirm legitimate mobile network activity.
---
Note: This IP is part of a high-risk subnet managed by a Chinese ISP. While no direct malicious activity is detected, the network environment warrants close monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Zhengding Cai |
| ASN | AS4134 |
| Network Name | CHINANET-HB |
| CIDR Block | 27.16.0.0/12 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 22% | 10 | 16 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:15 UTC |
| Last Seen | 2026-06-26 18:11:12 UTC |
| Profile Built | 2026-06-23 09:44:41 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 26 |