IP Intelligence Briefing: 101.200.214.99
Date: 2026-06-10
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Registered to ALISOFT (ASN 37963, APNIC) under the netname ALISOFT.
- Geolocation: China, Beijing (latitude 39.91, longitude 116.4).
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services detected).
- Threat Indicators: No malicious campaigns, spam, or known attacker activity.
---
**2. Observation History**
- DNSSEC Valid: Confirmed.
- DNSBL Listings: 2 out of 8 DNSBLs (exact lists obscured).
- Traceroute: ICMP blocked; geolocation validated as plausible but unverifiable.
- BGP: Prefix 101.200.0.0/16 routed via ASN 37963 (ALIBABA-CN-NET).
- Stability: Route instability detected (30-day route changes).
---
**3. Relationships**
- Network Links:
  - Directly associated with ALISOFT (same network).
- No External Hostnames/Certificates: No DNS or TLS records linked.
- No Known Campaigns: No correlation with malware, phishing, or exploit campaigns.
---
**4. Neighborhood Analysis**
- Subnet: 101.200.214.99/24.
- Neighbor Count: 0 active IPs in subnet (no siblings or shared network activity).
- Abuse Density: 0% (no malicious neighbors).
---
**5. Recommendations**
1. Monitor DNSBL Status: Investigate the 2 DNSBL listings (e.g., Spamhaus, Barracuda) for potential abuse.
2. Verify Geolocation: ICMP blocking may indicate network filtering; use alternative probes for validation.
3. Check BGP Stability: Route instability (16% operator score) could signal network misconfigurations or hijacks.
4. Secure DNSSEC: Confirm DNSSEC validation is enforced to prevent spoofing.
5. Network Segmentation: Since the IP is firewalled and has no services, ensure it is isolated from sensitive assets.
---
Conclusion:
The IP is part of a network linked to Alibaba Group but shows no direct malicious activity. While DNSBL listings and route instability warrant monitoring, the lack of open services and absence of threats suggest it is not an active attacker. SOC teams should prioritize validating DNSSEC and monitoring for unexpected BGP changes.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | security trouble |
| ASN | AS37963 |
| Network Name | ALISOFT |
| CIDR Block | 101.200.0.0/15 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-25 00:39:45 UTC |
| Last Seen | 2026-06-10 18:23:10 UTC |
| Profile Built | 2026-06-10 18:41:20 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 21 |