IP Intelligence Briefing: 124.115.64.192
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: Moderate (55/100)
- Ownership: China Telecom (ASN 4134), part of CHINANET-SN (APNIC).
- Geolocation: Xi'an, Shanxi Province, China (34.77°N, 113.72°E).
- Network Role: Mobile carrier (LTE/5G), no public services or hosting.
- Threat Indicators: No malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Observation History**
- Recent Activity:
  - Minimal risk observed (DNSSEC validation, stable routing).
  - No persistent malicious behavior; threat observation count is zero.
  - Subnet abuse density: 0.5 (moderate risk in neighboring IPs).
---
**3. Relationships & Neighbors**
- Network Relationships:
  - Linked to CHINANET-SN (same network).
- Neighboring IPs (124.115.64.0/24):
  - 124.115.64.120: High risk (80/100), unknown authority.
  - 124.115.64.149: Moderate risk (55/100), low authority.
  - Subnet abuse density: 0.5 (2/4 IPs flagged).
---
**4. Key Findings**
- No Direct Threat: The IP itself shows no malicious indicators (no spam, attacks, or known campaigns).
- Subnet Risk: Two neighbors in the same /24 subnet have elevated risk scores, suggesting potential compromise.
- Mobile Carrier Context: Part of China Telecom's mobile network, likely legitimate but vulnerable to neighbor-based attacks.
---
**5. Recommendations**
1. Monitor Neighbors: Investigate 124.115.64.120 for suspicious activity.
2. Network Segmentation: Isolate critical assets from shared subnets to mitigate lateral movement risks.
3. DNSSEC Validation: Confirm DNSSEC alignment with upstream providers to prevent spoofing.
4. Threat Feeds: Cross-reference with threat intelligence platforms for missed indicators.
Conclusion: While the IP is not malicious, its subnet contains risky neighbors. Prioritize monitoring and segmentation to protect against potential cascading threats.
---
*Generated by IPDebrief - Threat Intelligence for SOC Teams*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Chinanet Hostmaster |
| ASN | AS4134 |
| Network Name | CHINANET-SN |
| CIDR Block | 124.114.0.0/15 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 35% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 15% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-18 09:23:23 UTC |
| Last Seen | 2026-06-08 12:27:33 UTC |
| Profile Built | 2026-06-08 13:24:40 UTC |
| Data Freshness | Live |
| Signal Types | 16 |
| Total Observations | 16 |