IPDebrief

180.76.236.214

IP Intelligence Dossier
Your IP: 216.73.216.123
{ } JSON ๐Ÿ”ง Full Actions API
๐Ÿค– Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

IP Intelligence Briefing: 180.76.236.214

Date: 2026-06-02

---

**1. Core Profile**

- ISP: Baidu Noc (ASN: 38365)

- Country: China (CN)

- Network: 180.76.0.0/16 (Baidu)

- Country: China

- Validation: ICMP blocked; geolocation inferred with 8,033 km distance.

- No malware, phishing, or spam associations.

- No DNSBL listings or known attacker campaigns.

---

**2. Network Behavior**

- No open ports or TLS certificates detected.

- No HTTP server banners or email authentication records.

- Classified as "Firewalled / No Services."

- Likely internal infrastructure (no CDN, VPN, or mobile carrier flags).

- Route origin: Baidu (ASN 38365).

- Route stability: Unstable (route changes in last 30 days).

- DNSSEC validation: Enabled.

---

**3. Observation History**

- 15 observations, primarily ICMP and BGP data.

- Most signals have low confidence (โ‰ค 0.85).

- No persistent malicious behavior or threat persistence.

- ICMP validation failed, suggesting network restrictions.

- Minimal route stability issues (0 route changes in 30 days).

---

**4. Relationships**

- Directly tied to Baidu Noc (ASN 38365).

- No external subnets, domains, or certificates associated.

- No linked campaigns, honeypots, or WAF violations.

---

**5. Neighborhood Analysis**

- 0 active IPs in subnet.

- No abuse density or risky siblings detected.

---

**6. Recommendations**

- Track ICMP validation attempts, as the IP blocks ICMP requests.

- Monitor for unexpected BGP route changes or new service exposure.

- No immediate firewall rules or actions required.

- Validate if the IP is part of a larger network segment requiring internal controls.

---

Conclusion:

180.76.236.214 is a static, firewalled IP associated with Baiduโ€™s internal infrastructure. While no malicious activity is detected, its geolocation in China and lack of service exposure warrant continued monitoring. SOC teams should focus on verifying network segmentation and ensuring no unintended access points exist.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

๐ŸŒ Geolocation

Country๐Ÿ‡จ๐Ÿ‡ณ China
Regionโ€”
Cityโ€”
Timezoneโ€”
Latitude34.77
Longitude113.72

๐Ÿข Ownership & Registration

OrganizationBaidu Noc
ASNAS38365
Network NameBaidu
CIDR Block180.76.0.0/16
RIRAPNIC
CountryCN
Abuse Contactโ€”

๐ŸŒ DNS Intelligence

PTR RecordNo PTR
Forward ConfirmedNo โ€” PTR hostname does not resolve back to this IP (weak signal)

๐Ÿ” DNS Hygiene

Hygiene Score20% (Poor)
SPFNot configured
DMARCNot configured
FCrDNSNot verified
DNSSECValid
CAANot configured

โ˜๏ธ Network Classification

InfrastructureUnknown
Service PurposeFirewalled / No Services
Network TierUnknown โ€” Insufficient routing data to classify
No specific classification

๐Ÿ”Œ Services & Open Ports

PortServiceProtocolBanner
No open ports detected
Closed Ports22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)
Serverโ€”
HTTP Titleโ€”

๐Ÿ” TLS Certificate

๐Ÿ”’
No certificate
Issued by โ€”
N/A
SANsNone
Valid Fromโ€”
Valid Untilโ€”

๐ŸŽฏ Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

DimensionScoreSourcesObservations
threat
34%
24
routing
17%
11
services
15%
22
ownership
19%
22
reputation
23%
13
geolocation
30%
23
Overall23%1015
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
Data CoherenceConsistent (100%)
AttributionModerate (50%)
OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

๐Ÿ“… Observation Timeline ๐Ÿ”„ Fresh

First Seen2026-05-07 23:03:58 UTC
Last Seen2026-06-26 08:23:24 UTC
Profile Built2026-06-25 17:11:37 UTC
Data FreshnessFresh
Signal Types18
Total Observations18
๐Ÿ” 18 signal types ยท 18 observations collected
This report is generated from 18+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.
{ } JSON API ๐Ÿ”ง Actions API ๐Ÿ“ง Enterprise Access

โ„น๏ธ About This Report

All data shown is publicly available network metadata โ€” IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.