IP Intelligence Briefing: 14.103.112.179
Date: 2026-06-02
---
**1. Core Profile**
- Risk Score: 0 (Low Risk)
- Ownership:
  - Organization: IRT-VOLCANO-ENGINE-CN (linked to ByteDance, per APNIC records)
  - ASN: Unassigned
- Geolocation: China (latitude 34.77, longitude 113.72, Asia/Shanghai timezone)
- Threat Indicators:
  - No malware distribution, C2 activity, or spam sources detected.
  - Not listed in DNSBLs or blacklists.
- Network Role:
  - Classified as "Firewalled / No Services" with no open ports or TLS certificates.
  - Not part of CDN, cloud, mobile, or residential networks.
---
**2. Observation History**
- Latest Activity: June 2, 2026 (geolocation confirmed via MaxMind).
- Timeline:
  - May 29, 2026: Ownership details registered with APNIC (ASN 14.103.0.0/16).
  - May 30, 2026: Geolocation confirmed as China.
- Trend: No significant changes in risk scores or threat signals over 30 days.
---
**3. Network Relationships**
- Linked Entities:
  - Subnet: 14.103.112.0/24 (part of VOLCANO-ENGINE network).
  - Organizations: IRT-VOLCANO-ENGINE-CN (ByteDance).
- No direct links to malicious campaigns, honeypots, or other threat actors.
---
**4. Subnet Neighbors**
- Subnet: 14.103.112.0/24 (23 total IPs).
- Risk Distribution:
  - Medium Risk: 19 IPs (avg. score 50).
  - Low Risk: 4 IPs (avg. score 25).
  - High Risk: 0 IPs.
- Notable Neighbors:
  - 14.103.112.1 (score 40), 14.103.112.100 (score 40), 14.103.112.243 (score 40).
- Abuse Density: 0 (no reported abuse in subnet).
---
**5. Recommended Actions**
- Monitor Subnet: Track the higher-scoring neighbors (e.g., 14.103.112.1) for anomalous activity.
- Verify Network Segmentation: Ensure isolation between low-risk IPs and higher-risk subnets.
- Maintain Allowlist: Retain the IP in allowlists due to low risk and legitimate ownership.
- Investigate Neighbors: Investigate medium-risk neighbors if they exhibit unexpected behavior.
---
Conclusion: 14.103.112.179 is a low-risk IP associated with a legitimate organization (ByteDance). While the subnet contains some medium-risk neighbors, the IP itself shows no malicious indicators. SOC teams should focus on monitoring the broader network for potential lateral movement or compromised neighbors.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IRT-VOLCANO-ENGINE-CN |
| ASN | AS4811 |
| Network Name | - |
| CIDR Block | - |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 3 |
| routing | 17% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 20% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 20% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:40 UTC |
| Last Seen | 2026-06-26 18:10:37 UTC |
| Profile Built | 2026-06-22 14:21:56 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 16 |