IP Intelligence Briefing: 101.126.64.76
*Generated via IPDebrief tools: Profile, History, Relationships, Neighbors*
---
**1. Core Risk Assessment**
- Risk Score: Moderate (50/100)
- Threat Indicators: No active malware, phishing, or exploit campaigns detected.
- DNSBL Listings: Flagged in 2/8 DNSBLs (high-risk listings).
- Network Role: Firewalled / No Services (no open ports or TLS/HTTP activity).
---
**2. Geolocation & Ownership**
- Country: China (CN)
- ASN: 137718 (IRT-VOLCANO-ENGINE-CN)
- Subnet: 101.126.64.0/21 (part of a larger network).
- Abuse Density: Subnet classified as "mostly clean" (0 abuse density).
---
**3. Historical Observations**
- Recent Activity (June 8, 2026):
  - Listed in 2 high-risk DNSBLs (e.g., Spamhaus, Emerging Threats).
  - No active scans or exploits detected.
- Geolocation Validation (June 1, 2026):
  - ICMP blocked; geo-plausible location inferred (35.86°N, 104.2°E).
  - Distance to probe: ~8,033 km (potential latency issues).
---
**4. Network Relationships**
- Linked Entities:
  - Part of the VOLCANO-ENGINE network (ASN 137718).
  - No connections to known malicious organizations, domains, or certificates.
- Services: No open ports, TLS certs, or HTTP services detected.
---
**5. Neighborhood Analysis**
- Subnet: 101.126.64.0/24
- Neighbor Count: 0 active IPs in the subnet (likely a /24 with no siblings).
- Abuse Density: 0 (subnet is "mostly clean").
---
**6. Recommendations**
- Monitor DNSBL Listings: Investigate why this IP is flagged in 2 DNSBLs.
- Check Subnet Activity: Ensure no other IPs in 101.126.64.0/24 are malicious.
- Geolocation Validation: Confirm if the IP is a legitimate China-based entity or a spoofed location.
- Firewall Rules: Consider blocking DNSBL-listed IPs (e.g., Spamhaus, Emerging Threats).
---
Conclusion: The IP shows no active threats but has historical DNSBL listings. While not currently malicious, its association with a limited network and DNSBL flags warrants further investigation. SOC teams should monitor for any changes in behavior or new threats.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | IRT-VOLCANO-ENGINE-CN |
| ASN | AS137718 |
| Network Name | - |
| CIDR Block | - |
| RIR | APNIC |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3 - Basic operator with some routing infrastructure |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 25% | 2 | 4 |
| routing | 22% | 3 | 3 |
| services | 15% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 23% | 12 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (65%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:23 UTC |
| Last Seen | 2026-06-26 18:10:09 UTC |
| Profile Built | 2026-06-22 05:25:07 UTC |
| Data Freshness | Live |
| Signal Types | 23 |
| Total Observations | 24 |