IP Intelligence Briefing: 47.236.65.120
*Generated via IPDebrief Analysis*
---
**1. Core Profile**
- Risk Rating: Moderate (Risk Score: 50)
- Ownership:
  - ISP/Provider: Alibaba Cloud LLC (ASN 45102)
  - Network: AL-3 (ARIN registered)
- Geolocation: United States (US), City: CA (likely placeholder). Latitude/Longitude: N/A.
- Threat Indicators:
  - No active malware, spam, or known attacker associations.
  - DNSBL Listings: 2/8 total lists (potential abuse risk).
- Network Role:
  - Cloud Compute: Hosted by Alibaba Cloud.
  - Hosting: Likely a cloud infrastructure node.
  - No Residential/Mobile/VPN/Proxy Activity.
---
**2. Observation History**
- Threat Signals:
  - Listed in 8 threat feeds (1 high-severity incident, 0.85 confidence).
  - No persistent malicious activity (0 threat persistence days).
- Geolocation:
  - Plausible US location (ARIN-regulated).
  - Accuracy radius: 2500 km (coarse).
- Network Stability:
  - BGP Stability: Route unstable (last 30 days).
  - DNSSEC Valid: Yes.
---
**3. Relationships & Neighbors**
- Network Relationships:
  - Linked to AL-3 (Alibaba Cloud subnet).
  - No direct sibling IPs in the same /24 subnet (neighbors tool returned 0).
- Subnet Abuse Density:
  - 0% abuse density in the 47.236.65.0/24 subnet.
---
**4. Recommendations**
- Monitoring:
  - Track DNSBL listings and BGP route stability.
  - Monitor for unexpected outbound traffic (cloud infrastructure may have legitimate use).
- Firewall Actions:
  - Consider blocking or restricting traffic to/from this IP if it deviates from expected cloud-hosted behavior.
  - Use IPDebrief's firewall rule generator for specific configurations (e.g., iptables, AWS WAF).
---
Conclusion:
This IP is associated with Alibaba Cloud and appears to be a legitimate cloud infrastructure node. While it shows minimal risk, its presence in DNSBL lists and unstable BGP routes warrant further investigation. SOC teams should monitor for anomalous behavior while allowing normal cloud operations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Alibaba Cloud LLC |
| ASN | AS45102 |
| Network Name | AL-3 |
| CIDR Block | 47.235.0.0/16 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting - Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 17% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-24 18:41:24 UTC |
| Last Seen | 2026-06-10 17:52:43 UTC |
| Profile Built | 2026-06-10 17:56:05 UTC |
| Data Freshness | Live |
| Signal Types | 15 |
| Total Observations | 15 |