IP Intelligence Briefing: 180.76.105.16
Date: 2026-06-08
---
**1. Core Profile**
- Risk Score: 50 (Moderate Risk)
- Ownership: Baidu Noc (ASN 38365), registered to Baidu under APNIC.
- Geolocation: China (Shanghai), latitude 34.77, longitude 113.72.
- Threat Indicators: No active malicious indicators (no known attacker, spam, or Tor exit).
- Network Role: Baidu infrastructure (firewalled, no public services).
---
**2. Observation History**
- Recent Activity (2026-06-08):
  - Listed in 1 high-severity threat feed (confidence 85%).
  - Geolocation validated as plausible for China.
- Historical Activity (2026-05-30):
  - Listed in 2 high-severity threat feeds (confidence 85%).
  - BGP prefix confirmed as 180.76.96.0/20 (Baidu ASN 38365).
---
**3. Relationships**
- Linked Entities:
  - Baidu network (ASN 38365).
  - No external DNS or certificate relationships.
- Subnet Context:
  - Part of 180.76.0.0/16 (Baidu's APNIC allocation).
---
**4. Neighborhood Analysis**
- Subnet (180.76.105.16/24):
  - Abuse Density: 0% (low risk).
  - Neighbors:
    - 180.76.105.69 (Risk: 50, Authority: 50).
    - 180.76.105.165 (Risk: 25, Authority: 50).
    - 180.76.105.176 (Risk: 0, Authority: 50).
---
**5. Threat Context**
- Risk Trends:
  - No persistent malicious activity; threat observations are isolated.
- Actionable Insights:
  - Monitor for DNS or TLS anomalies (no active services detected).
  - Track Baidu's subnet for potential lateral movement or infrastructure changes.
---
Recommendations:
- SOC Actions:
  - Flag the IP for further investigation due to historical threat feed listings.
  - Validate DNSSEC and CAA records for subdomains (no hosted domains detected).
  - Monitor neighboring IPs for unexpected traffic patterns.

Final Note: The IP is associated with Baidu's infrastructure but shows no current malicious behavior. Historical threat listings suggest cautious monitoring.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Baidu Noc |
| ASN | AS38365 |
| Network Name | Baidu |
| CIDR Block | 180.76.0.0/16 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | - |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - | | |
| HTTP Title | - | | |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 13% | 1 | 2 |
| geolocation | 13% | 1 | 1 |
| Overall | 18% | 8 | 11 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership | FCrDNS | Geo Consensus | Geo Plausible | IRR Match | RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-17 09:10:01 UTC |
| Last Seen | 2026-06-13 03:45:08 UTC |
| Profile Built | 2026-06-08 06:13:22 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |