IP Intelligence Briefing: 47.104.232.1/32
*Generated via IPDebrief Threat Intelligence Suite*
---
**1. Core Profile**
- Risk Assessment: Moderate Risk (Risk Score: 50/100)
- Ownership:
  - ASN: 37963 (ALISOFT)
  - Registrant: "security trouble" (ARIN-registered)
- Geolocation: Qingdao, Shandong Province, China (latitude 35.86, longitude 104.2)
- Threat Indicators: Clean (no malware, spam, or known attacker associations)
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services detected)
---
**2. Observation History**
- Latest Geolocation (June 2026):
  - Inferred via multi-signal analysis (confidence: 52%)
  - Accuracy: ±2500 km (plausible for Qingdao, China)
- Traceroute:
  - ICMP blocked; validated distance: ~8,278 km (minimum possible RTT: 165.6 ms)
- Network Changes:
  - No persistent malicious activity detected (threat persistence: 0 days)
---
**3. Relationships & Subnet**
- Linked Entities:
  - Same network: ALISOFT (ASN 37963)
  - Subnet: 47.104.232.1/24 (abuse density: 1/100, classification: "mostly_clean")
- Neighbor IPs:
  - 47.104.232.12 (risk score: 25/100, authority score: 50)
---
**4. Security Recommendations**
- Firewall Rules:
  - iptables: `iptables -A INPUT -s 47.104.232.1 -j DROP`
  - nftables: `nft add rule inet filter input ip saddr 47.104.232.1 drop`
  - Cloudflare WAF: Block IP with risk score 50
  - AWS WAF: Add `47.104.232.1/32` to IP set
- Monitoring:
  - Track geolocation consistency and subnet abuse density (current abuse density: 1/100).
---
**5. Summary**
The IP 47.104.232.1 is owned by ALISOFT (China) and appears to be a firewalled, non-routable node with no direct threat indicators. While geolocation inference suggests Qingdao, China, ICMP validation is blocked. The subnet shows low abuse density, but neighboring IPs warrant closer inspection. Use the provided firewall rules to block the IP and monitor for anomalies.
*Note: No malicious activity detected. Use contextual signals for final decision-making.*
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | security trouble |
| ASN | AS37963 |
| Network Name | ALISOFT |
| CIDR Block | 47.104.0.0/13 |
| RIR | ARIN |
| Country | CN |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 39% | 2 | 5 |
| routing | 17% | 1 | 1 |
| services | 24% | 2 | 3 |
| ownership | 24% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 26% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:04:23 UTC |
| Last Seen | 2026-06-23 14:28:50 UTC |
| Profile Built | 2026-06-23 14:33:35 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 26 |