114.101.79.13
IP Intelligence Briefing: 114.101.79.13
*Generated via IPDebrief Threat Intelligence Platform*
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Ownership:
- ASN: 4134 (China Telecom)
- Organization: Jinneng Wang (CHINANET-AH)
- Geolocation: Hefei, China (Mobile carrier: China Telecom, LTE/5G)
- Threat Indicators:
- No direct malware/C2 indicators observed.
- DNS: No resolvable PTR records or associated domains.
- Network Role: Mobile (LTE/5G) with no public services (ports, TLS, HTTP).
- Mobile Carrier: China Telecom (MCC 460, MNC 03).
---
**2. Observation History**
- Recent Activity (June 2026):
- High-risk listings (8 total): 2 high-severity threats detected.
- Network Scans: No open ports or services detected.
- Geolocation: Plausible (Hefei, China) but ICMP blocked, limiting validation.
- Stability: No recent ownership changes; IP has been consistently attributed to China Telecom.
---
**3. Relationships & Context**
- Network Affiliation:
- Subnet: 114.101.79.13/24 (part of CHINANET-AH, China Telecom).
- No active neighbors detected in the subnet (abuse density: 0).
- Threat Associations:
- No direct links to known malicious campaigns, domains, or certificates.
- DNS: No resolved hostnames or email authentication records (SPF/DKIM).
---
**4. Actionable Insights**
- Risk Mitigation:
- Monitor for anomalous traffic patterns, given the high-risk score and mobile network context.
- Consider blocking the IP in firewalls (e.g., iptables, Cloudflare WAF) due to its association with high-risk listings.
- Investigation:
- Verify if the IP is part of a larger network compromise (e.g., mobile carrier breaches).
- Check for indirect connections to malicious infrastructure via shared subnets or DNS providers.
---
SOC Recommendation:
- Prioritize monitoring for lateral movement or data exfiltration attempts from this mobile subnet.
- Validate the IPβs legitimacy with China Telecomβs abuse contact if suspicious activity persists.
*Data sourced from IPDebriefβs real-time threat intelligence feeds.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Jinneng Wang |
| ASN | AS4134 |
| Network Name | CHINANET-AH |
| CIDR Block | 114.96.0.0/13 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 2 |
| routing | 30% | 3 | 4 |
| services | 24% | 2 | 3 |
| ownership | 30% | 3 | 4 |
| reputation | 17% | 1 | 2 |
| geolocation | 26% | 2 | 3 |
| Overall | 25% | 13 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:31 UTC |
| Last Seen | 2026-06-22 09:44:10 UTC |
| Profile Built | 2026-06-22 09:56:45 UTC |
| Data Freshness | Live |
| Signal Types | 27 |
| Total Observations | 30 |
Full dossier details are available via our API.