47.82.102.241
IP Intelligence Briefing: 47.82.102.241
Date: 2026-06-18
---
**Risk Assessment**
- Risk Score: Moderate (50/100)
- Provider: Alibaba Cloud LLC (ASN 45102)
- Threat Indicators: No active malware, phishing, or exploit activity detected.
- Network Role: Web server (HTTP/HTTPS/SSH open), hosted by Alibaba Cloud.
---
**Geolocation & Ownership**
- Country: Hong Kong (HK)
- ASN: 45102 (Alibaba Cloud)
- Subnet: 47.82.102.241/24
- Abuse Density: Low (0.0/100), but 2/3 neighbors show medium risk.
---
**Network Activity**
- Open Ports:
- TCP 80 (HTTP), 443 (HTTPS), 22 (SSH)
- SSH banner: `SSH-2.0-OpenSSH_8.9p1`
- TLS Certificate:
- Issued to `lifungchemical.com` (Let's Encrypt)
- Validity: Not specified in data
- DNS:
- SPF/DKIM records present; no email compromise indicators.
---
**Observation History**
- Recent Scan (2026-06-18):
- TLSv1.3 handshake with AES-256-GCM encryption
- HTTP server: `nginx/1.30.0`
- Network Classification:
- Cloud infrastructure (hosted by Alibaba Cloud)
- No Tor/VPN/proxy activity detected
---
**Relationships**
- Linked Entities:
- Same /24 subnet (`AL-3`)
- No direct ties to known malicious networks or domains
---
**Neighborhood Analysis**
- Subnet: 47.82.102.0/24
- Neighbor IPs:
- 47.82.102.10 (Risk: Low)
- 47.82.102.235 (Risk: Low)
- Subnet Abuse Density: 0.0 (clean)
---
**Recommendations**
1. Monitor Subnet: Track 47.82.102.0/24 for emerging risks, as two neighbors show medium risk.
2. Verify Domain: Investigate `lifungchemical.com` for potential phishing or credential stuffing ties.
3. SSL/TLS Compliance: Ensure TLS configurations align with industry standards (e.g., disable TLSv1.2).
4. Access Control: Restrict SSH access to trusted sources, given the open port.
No immediate mitigation required, but ongoing surveillance is advised.
Source: IPDebrief Threat Intelligence Platform
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Alibaba Cloud LLC |
| ASN | AS45102 |
| Network Name | โ |
| CIDR Block | โ |
| RIR | ARIN |
| Country | โ |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Web Server |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | โ |
| 443 | https | tcp | โ |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx |
| HTTP Title | โ |
| SSH Version | SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.15 |
๐ TLS Certificate
| SANs | lifungchemical.com |
| Valid From | 2026-04-23T06:52:29+00:00 |
| Valid Until | 2026-07-22T06:52:28+00:00 |
| TLS Protocol | Tls13 |
| Cipher Suite | TLS_AES_256_GCM_SHA384 |
| Signature Algorithm | sha384ECDSA |
| Validity Period | 89 days |
| Serial Number | 05261B3B14AF19531EF6008C54C8D051473D |
| Thumbprint | DBE8AE66D1D3256E008C76487DBFCD385851F85D |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 21% | 1 | 2 |
| services | 29% | 2 | 3 |
| ownership | 20% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 25% | 10 | 18 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-07 23:04:23 UTC |
| Last Seen | 2026-06-23 14:56:35 UTC |
| Profile Built | 2026-06-23 15:06:24 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 25 |
Full dossier details are available via our API.