180.76.236.214
IP Intelligence Briefing: 180.76.236.214
Date: 2026-06-02
---
**1. Core Profile**
- Reputation: Moderate Risk (Risk Score: 65)
- Ownership:
- ISP: Baidu Noc (ASN: 38365)
- Country: China (CN)
- Network: 180.76.0.0/16 (Baidu)
- Geolocation:
- Country: China
- Validation: ICMP blocked; geolocation inferred with 8,033 km distance.
- Threat Indicators:
- No malware, phishing, or spam associations.
- No DNSBL listings or known attacker campaigns.
---
**2. Network Behavior**
- Services:
- No open ports or TLS certificates detected.
- No HTTP server banners or email authentication records.
- Network Role:
- Classified as "Firewalled / No Services."
- Likely internal infrastructure (no CDN, VPN, or mobile carrier flags).
- BGP Analysis:
- Route origin: Baidu (ASN 38365).
- Route stability: Unstable (route changes in last 30 days).
- DNSSEC validation: Enabled.
---
**3. Observation History**
- Recent Activity (Last 7 Days):
- 15 observations, primarily ICMP and BGP data.
- Most signals have low confidence (โค 0.85).
- No persistent malicious behavior or threat persistence.
- Notable Findings:
- ICMP validation failed, suggesting network restrictions.
- Minimal route stability issues (0 route changes in 30 days).
---
**4. Relationships**
- Linked Entities:
- Directly tied to Baidu Noc (ASN 38365).
- No external subnets, domains, or certificates associated.
- Threat Correlation:
- No linked campaigns, honeypots, or WAF violations.
---
**5. Neighborhood Analysis**
- Subnet: 180.76.236.214/24
- Neighbor Risk:
- 0 active IPs in subnet.
- No abuse density or risky siblings detected.
- Subnet Classification: "Mostly Clean" with no inherited risks.
---
**6. Recommendations**
- Monitoring:
- Track ICMP validation attempts, as the IP blocks ICMP requests.
- Monitor for unexpected BGP route changes or new service exposure.
- Mitigation:
- No immediate firewall rules or actions required.
- Validate if the IP is part of a larger network segment requiring internal controls.
---
Conclusion:
180.76.236.214 is a static, firewalled IP associated with Baiduโs internal infrastructure. While no malicious activity is detected, its geolocation in China and lack of service exposure warrant continued monitoring. SOC teams should focus on verifying network segmentation and ensuring no unintended access points exist.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Baidu Noc |
| ASN | AS38365 |
| Network Name | Baidu |
| CIDR Block | 180.76.0.0/16 |
| RIR | APNIC |
| Country | CN |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 34% | 2 | 4 |
| routing | 17% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 23% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 23% | 10 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Fresh
| First Seen | 2026-05-07 23:03:58 UTC |
| Last Seen | 2026-06-26 08:23:24 UTC |
| Profile Built | 2026-06-25 17:11:37 UTC |
| Data Freshness | Fresh |
| Signal Types | 18 |
| Total Observations | 18 |
Full dossier details are available via our API.