IP Intelligence Briefing: 111.70.29.130
Date: 2026-06-07
---
**Core Profile**
- Risk Score: 40 (Moderate Risk)
- Geolocation: Taiwan (TW), Taipei City, Latitude 23.7, Longitude 120.96
- Ownership: Unregistered (ASN, orgName, rir fields null)
- Threat Indicators: No malicious indicators, not listed in blacklists, no known campaigns.
- Network Role: Firewalled host with no open ports/services detected.
- DNS: Resolves to `111-70-29-130.emome-ip.hinet.net` (HINET, Taiwanese ISP).
---
**Observation History**
- Recent Activity:
  - 2026-06-07: Basic risk signal (0.60 confidence), no threat indicators.
  - 2026-05-30: Subnet abuse density noted (0.625), high-risk classification for subnet.
- Trend: Low-risk activity, no persistent threats or anomalies detected.
---
**Network Relationships**
- DNS Associations: Linked to `111-70-29-130.emome-ip.hinet.net` (HINET).
- Subnet: Part of `111.70.29.130/24` with high abuse density (0.429).
- Neighbors:
  - 3 IPs with high risk (80-70 score), 4 with medium risk (55-40 score).
  - Subnet contains 7 active IPs, 5 of which are flagged for abuse.
---
**Threat Context**
- No Direct Malicious Activity: No indicators of spam, attacks, or compromised behavior.
- Subnet Risk: Elevated abuse density suggests potential for related malicious activity.
- ISP Context: HINET is a legitimate Taiwanese ISP, but the subnet's high-risk classification warrants closer scrutiny.
---
**Actionable Recommendations**
1. Monitor Subnet: Track traffic patterns in `111.70.29.130/24` for unusual behavior (e.g., outbound scans, DNS anomalies).
2. Verify Ownership: Confirm ownership with HINET or investigate unregistered ASN.
3. Check for Misconfiguration: Ensure firewalled host is not unintentionally exposing services.
4. Correlate with Neighbors: Investigate high-risk neighbors for potential lateral movement or shared infrastructure.
Conclusion: While the IP itself is not malicious, its subnet's high abuse density and lack of ownership details necessitate further investigation to rule out indirect risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Unknown |
| ASN | - |
| Network Name | - |
| CIDR Block | - |
| RIR | - |
| Country | - |
| Abuse Contact | - |
DNS Intelligence
| PTR | 111-70-29-130.emome-ip.hinet.net |
| Forward Confirmed | Yes - FCrDNS verified |
| Forward Hostnames | 111-70-29-130.emome-ip.hinet.net |
DNS Hygiene
| Hygiene Score | 80% (Excellent) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 19% | 2 | 2 |
| reputation | 13% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 16% | 9 | 10 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-15 02:49:26 UTC |
| Last Seen | 2026-06-26 18:10:24 UTC |
| Profile Built | 2026-06-07 10:49:35 UTC |
| Data Freshness | Live |
| Signal Types | 17 |
| Total Observations | 17 |