Your IP: 216.73.216.123
๐ค Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 47.76.192.176
Date: 2026-06-18
---
**1. Core Profile**
- Risk Score: 65 (Moderate Risk)
- Provider: Alibaba Cloud (HK) (ASN 45102)
- Geolocation: Hong Kong (HK), China
- Network Role: Cloud Compute Host (non-residential, non-mobile)
- Services: HTTP (Apache) on port 80
---
**2. Threat & Risk Indicators**
- No Direct Malicious Indicators: No malware hashes, C2 domains, or known campaigns linked.
- DNSBL Listings: Detected in 3/8 DNSBL feeds (moderate risk).
- Subnet Abuse: Subnet (47.76.192.0/24) has 1 abuse-dense IP, but this host shows no active threats.
- Historical Signals:
- Observed in 2026-06-18 with DNS resolution anomalies.
- No persistent malicious activity detected.
---
**3. Relationships & Context**
- Network Affiliation:
- Part of Alibaba Cloud HK infrastructure (ASN 45102).
- No direct ties to known malicious organizations or subnets.
- DNS Associations:
- Multiple DNS resolution failures (e.g., timeouts to 192.168.2.108).
- No linked domains or email authentication records.
---
**4. Neighborhood Analysis**
- Subnet (47.76.192.0/24):
- 0 active IPs, 1 abuse-dense IP.
- No neighboring IPs reported in active scans.
---
**5. Recommendations**
- Monitor DNS Resolutions: Investigate recurring DNS timeouts and BL listings.
- Verify Cloud Usage: Confirm Alibaba Cloud HK compliance for this host.
- Baseline Behavior: Track HTTP service activity for unexpected traffic patterns.
- No Immediate Action Required: No confirmed malicious activity detected.
---
Source: IPDebrief Threat Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Alibaba Cloud - HK |
| ASN | AS45102 |
| Network Name | ALIBABA CLOUD - HK |
| CIDR Block | 47.76.0.0/16 |
| RIR | ARIN |
| Country | China |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Single-Service Host |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| Closed Ports | 22, 25, 443, 3389, 8080, 8443 (1 open / 7 scanned) | ||
| Server | Apache |
| HTTP Title | โ |
๐ TLS Certificate
No certificate
Issued by โ
N/A
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 29% | 2 | 4 |
| ownership | 15% | 2 | 2 |
| reputation | 23% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 23% | 10 | 17 |
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:23 UTC |
| Last Seen | 2026-06-26 18:11:23 UTC |
| Profile Built | 2026-06-26 02:49:40 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 23 |
๐ 22 signal types ยท 23 observations collected
This report is generated from 22+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
โน๏ธ About This Report
All data shown is publicly available network metadata โ IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.