14.103.118.217
IP Intelligence Briefing: 14.103.118.217
Date: 2026-06-17
---
**1. Risk Profile**
- Overall Risk: Moderate (Risk Score: 40)
- Threat Indicators: No known malware, phishing, or exploitation indicators.
- Network Role: Firewalled / No Services (no open ports or TLS certificates detected).
- Ownership:
- ASN: 137718 (IRT-VOLCANO-ENGINE-CN, APNIC registry).
- Subnet: 14.103.112.0/20 (part of a larger network with high abuse density).
---
**2. Geolocation & Hosting**
- Country: China (CN).
- Region/City: Unspecified.
- Mobile Carrier: Not identified.
- Hosting: No web services, DNS records, or email auth detected.
---
**3. Threat & Behavior**
- Malicious Activity: No direct evidence of attacks, spam, or botnet participation.
- Subnet Risk:
- Abuse Density: 67.86% (high abuse classification).
- Neighbor Risk: 27/28 sibling IPs in 14.103.118.0/24 subnet show risk scores (19 high, 8 medium).
- Notable Neighbors:
- 14.103.118.61 (Risk: 65), 14.103.118.107 (Risk: 65), and 14.103.118.226 (Risk: 50) flagged as high/medium risk.
---
**4. Historical Observations**
- First Seen: June 2026.
- Signals:
- Geolocation inferred via multi-signal analysis (latitude: 35.86, longitude: 104.2, accuracy ~2500km).
- BGP prefix 14.103.112.0/20 linked to "VOLCANO-ENGINE" (Beijing Volcano Engine Technology Co., Ltd.).
---
**5. Relationships & Network**
- Shared Network: Linked to 36+ IPs under "VOLCANO-ENGINE" (APNIC).
- Control Plane:
- BGP route stability: Unstable (route changes detected).
- DNSSEC validation: Enabled.
- No CAA records or DNSBL listings.
---
**6. Recommendations**
1. Monitor Subnet: The 14.103.118.0/24 subnet has high abuse density. Investigate neighbors like 14.103.118.61 and 14.103.118.107 for potential lateral movement or compromised hosts.
2. Network Segmentation: Isolate or restrict traffic from this subnet if it connects to internal resources.
3. Threat Intelligence: Cross-reference with other feeds (e.g., DNS, TLS) to detect hidden services or compromised hosts.
4. Geolocation Verification: Validate the IPβs location due to inferred geolocation accuracy (2500km radius).
---
Note: No direct malicious activity detected, but the subnetβs high abuse density warrants further investigation.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | IRT-VOLCANO-ENGINE-CN |
| ASN | AS137718 |
| Network Name | VOLCANO-ENGINE |
| CIDR Block | 14.103.0.0/16 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 17% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 22% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:41 UTC |
| Last Seen | 2026-06-26 18:10:37 UTC |
| Profile Built | 2026-06-22 14:36:49 UTC |
| Data Freshness | Live |
| Signal Types | 18 |
| Total Observations | 21 |
Full dossier details are available via our API.