58.58.122.14
IP Intelligence Briefing: 58.58.122.14/32
Date: 2026-06-18
---
**1. Risk Profile**
- Risk Score: 80/100 (High Risk)
- Provider: China Telecom (ASN 4134)
- Ownership: Registered to "Xin Ruosheng" under CHINANET-SD (China Telecom).
- Geolocation: China (CN), mobile network (LTE/5G).
- Threat Indicators: No direct malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Network Context**
- Mobile Carrier: China Telecom (MCC 460, MNC 03).
- Network Role: Mobile device (not residential, cloud, or CDN).
- BGP Data:
- AS Path: 3303 4134
- Route Stability: Stable (no recent changes).
- DNSSEC: Valid.
- Subnet: 58.58.122.14/24 (abuse density: 0, no risky neighbors).
---
**3. Observation History**
- Signals:
- Confirmed as a mobile network device with consistent routing.
- No spikes in threat activity or DNS anomalies.
- Temporal Trends: No persistent malicious behavior detected over 30 days.
---
**4. Relationships**
- Linked Entities:
- Repeatedly associated with CHINANET-SD (same network).
- No connections to hostnames, certificates, or other IPs.
---
**5. Actionable Recommendations**
- Block the IP:
- Firewall Rules:
- `iptables -A INPUT -s 58.58.122.14 -j DROP`
- `nft add rule inet filter input ip saddr 58.58.122.14 drop`
- Cloudflare/WAF: Block IP with description "IPDebrief risk 80".
- Monitoring: Increase logging verbosity for this IP due to elevated risk.
---
**6. Analysis Summary**
This IP is part of China Telecomβs mobile network, registered to a telecom entity. While no direct malicious activity is detected, its high risk score (80) and mobile nature warrant monitoring. The lack of neighboring IPs and stable routing suggest it may represent a single device. SOC teams should block this IP and investigate if it correlates with other suspicious activity.
Next Steps: Validate against internal threat feeds and monitor for unexpected traffic patterns.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | Xin Ruosheng |
| ASN | AS4134 |
| Network Name | CHINANET-SD |
| CIDR Block | 58.59.0.0/17 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Mobile |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 β Basic operator with some routing infrastructure |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 15% | 2 | 2 |
| ownership | 30% | 3 | 4 |
| reputation | 24% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 24% | 12 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:30 UTC |
| Last Seen | 2026-06-26 14:31:54 UTC |
| Profile Built | 2026-06-23 18:56:51 UTC |
| Data Freshness | Live |
| Signal Types | 24 |
| Total Observations | 25 |
Full dossier details are available via our API.