49.77.24.228
# Intelligence Briefing: 49.77.24.228/32
Date: 2026-06-26
Classification: Defensive Intelligence Report
Subject: IP Address Profile and Threat Assessment
## Executive Summary
IP address 49.77.24.228 is a low-risk mobile IP assignment associated with China Telecom's network infrastructure in Nanjing, Jiangsu Province. The address exhibits minimal threat activity and is classified as Low Risk with a risk score of 25. No active malicious indicators, blacklisting, or campaign associations were identified during the assessment period.
## Network Ownership and Geolocation
| Field | Value |
|---|---|
| ASN | 4134 |
| Organization | CHINANET-JS Hostmaster |
| Country | China (CN) |
| Region | Jiangsu |
| City | Nanjing |
| RIR | APNIC |
| Mobile Carrier | China Telecom |
| Connection Technology | LTE/5G |
The IP address is assigned to CHINANET-JS network infrastructure under APNIC's regional management. Geolocation data indicates placement within Jiangsu Province's telecommunications network, with mobile carrier attribution to China Telecom (MCC: 460, MNC: 03).
## Network Classification
- Infrastructure Type: Mobile Network Assignment
- Service Purpose: Firewalled / No Services
- Open Ports: None detected
- TLS Certificate: Not present
- HTTP Services: None observed
The IP does not match provider, CDN, VPN, proxy, or hosting classifications. No open ports or web services were observed during scanning.
## Threat Indicators
| Indicator | Status |
|---|---|
| Risk Score | 25 (Low) |
| Blacklist Count | 0 |
| Is Tor Exit | No |
| Known Attacker | No |
| Spam Source | No |
| Known Campaigns | None |
| Pulsedive Risk | N/A |
No threat indicators, blacklist entries, or known malicious activity were associated with this IP address during the observation period.
## Control Plane Assessment
- BGP Prefix: 49.64.0.0/11
- Route Stability: Unstable
- DNSSEC Valid: Yes
- DNSBL Listed: 1 of 8 total lists
- RPKI State: Not evaluated
- IRR Consistency: Not evaluated
The control plane shows route instability but maintains DNSSEC validity. Minimal DNSBL presence suggests limited or transient reputation concerns.
## Neighborhood Analysis (49.77.24.0/24)
| Metric | Value |
|---|---|
| Abuse Density | 1 |
| Classification | Mostly Clean |
| Total Siblings | 1 |
| Active Siblings | 0 |
| Threat Siblings | 1 |
| Inherited Risk | 2 |
The /24 subnet demonstrates low abuse density with a "mostly_clean" classification. One threat sibling was identified within the neighborhood, indicating potential localized activity.
## Historical Activity
Analysis of 14 observations spanning the monitoring period reveals:
- Observation Count: 14
- Recent Activity: Minimal
- Persistent Malicious Behavior: None
- Threat Persistence Days: 0
- Ownership Changes: 0
Historical signals indicate no persistent malicious patterns. The IP has remained under consistent ownership with no significant threat activity observed over time.
## Relationships
Nine "Same Network" relationships were identified, all linking to CHINANET-JS network infrastructure. No certificate, hostname, or organization relationships beyond network-level associations were detected.
## Recommended Security Actions
Current Risk Level: Low (25/100)
No specific firewall rules or blocking recommendations were generated based on the risk profile. The IP exhibits characteristics consistent with legitimate mobile network infrastructure.
## Intelligence Assessment
49.77.24.228 represents a standard mobile IP allocation within China Telecom's Nanjing infrastructure. The combination of low risk score, absence of threat indicators, and clean neighborhood classification supports classification as benign infrastructure. However, the single threat sibling in the neighborhood and DNSBL listing warrant continued monitoring. No immediate defensive action is required, but ongoing traffic analysis may be appropriate for security operations.
---
*Report generated from IPDebrief intelligence platform. Data current as of 2026-06-26.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | CHINANET-JS Hostmaster |
| ASN | AS4134 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | APNIC |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 24% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 8% | 1 | 1 |
| ownership | 27% | 2 | 3 |
| reputation | 22% | 1 | 3 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 9 | 13 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-11 15:05:21 UTC |
| Last Seen | 2026-06-26 11:02:14 UTC |
| Profile Built | 2026-06-26 11:09:54 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 15 |
Full dossier details are available via our API.