59.110.1.12

{ } JSON 🔧 Full Actions API

🤖 Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.

INTELLIGENCE BRIEFING: IP 59.110.1.12/32

Classification: Low Risk | Date of Analysis: June 2026

---

Executive Summary

IP 59.110.1.12/32 is classified as a low-risk address with no current active threat indicators. The address operates within the ALISOFT network (AS37963) in Beijing, China. All observed signals indicate benign network behavior with no evidence of malicious activity, blacklisting, or compromised services.

---

Network Identity & Ownership

Organization: ALISOFT
Netname: ALISOFT
ASN: 37963
Country: China (CN)
City/Region: Beijing
CIDR Block: 59.110.0.0/16
RIR: APNIC
Provider Score: 0 | Authority Score: 0
Control Plane: Stable routing (isRouteStable: true), DNSSEC valid

---

Threat Assessment

Risk Score: 0
Abuse Confidence Score: Not applicable
Blacklist Status: 0/8 lists (currently not listed)
Known Campaigns: None
Tor Exit Node: No
Known Attacker: No
Spam Source: No

---

Network Role & Services

Classification: Firewalled / No Services
Open Ports: None detected
TLS Certificates: None
Hosted Domains: 0
Email Authentication: No SPF/DMARC records detected
Infrastructure Type: Not CDN, VPN, proxy, hosting, or mobile network

---

Neighborhood Analysis (59.110.1.0/24)

Abuse Density: 1 (mostly_clean)
Inherited Risk: 2 (low)
Total Siblings: 1
Active Siblings: 1
Threat Siblings: 1
Risk Distribution: High: 0, Medium: 0, Low: 0

---

Relationship Graph

Total Relationships: 17
Relationship Types: All classified as "Same Network" (ALISOFT)
No external entity links (hostnames, certificates, or organizations outside the network)

---

Observation History (19 Signals)

Most Recent: 2026-06-25 (blacklist check: 0 listings)
Historical Trend: Consistent "mostly_clean" classification
Threat Persistence Days: 0
Ownership Changes: 0
Threat Observation Count: 1 (isolated, non-persistent)
Status: Not persistently malicious

---

Security Recommendations

No actionable security actions or firewall rules are recommended. The IP address presents no current threat indicators.

Suggested Actions:

Monitor for changes in service availability or open ports
Maintain awareness of subnet-level activity given the presence of threat siblings in the /24
No immediate blocking or rate-limiting required

---

Intelligence Conclusion

IP 59.110.1.12/32 is a legitimate network address with no active malicious behavior. The address belongs to ALISOFT's infrastructure in Beijing, China. While the /24 subnet contains one threat sibling, the target IP itself shows no evidence of abuse or compromise. SOC analysts may monitor the address for service changes but should not apply restrictive firewall rules at this time.

This summary was generated by AI and may contain inaccuracies. Verify critical details independently.

🌍 Geolocation

Country	🇨🇳 China
Region	Beijing
City	Beijing
Timezone	—
Latitude	39.91
Longitude	116.40

🏢 Ownership & Registration

Organization	security trouble
ASN	AS37963
Network Name	ALISOFT
CIDR Block	59.110.0.0/16
RIR	APNIC
Country	CN
Abuse Contact	Available via RDAP

🌐 DNS Intelligence

PTR Record	No PTR
Forward Confirmed	No — PTR hostname does not resolve back to this IP (weak signal)

🔐 DNS Hygiene

Hygiene Score	20% (Poor)
SPF	Not configured
DMARC	Not configured
FCrDNS	Not verified
DNSSEC	Valid
CAA	Not configured

☁️ Network Classification

Infrastructure	Unknown
Service Purpose	Firewalled / No Services
Network Tier	Unknown — Insufficient routing data to classify

No specific classification

🔌 Services & Open Ports

Port	Service	Protocol	Banner
No open ports detected
Closed Ports	22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned)

Server	—
HTTP Title	—

🔐 TLS Certificate

🔒

No certificate

Issued by —

N/A

SANs	None
Valid From	—
Valid Until	—

🎯 Confidence Breakdown

Per-dimension confidence scores based on source diversity and data freshness

Dimension	Score	Sources	Observations
threat	35%	2	3
routing	27%	2	3
services	15%	2	2
ownership	27%	2	3
reputation	22%	1	3
geolocation	27%	2	3
Overall	25%	11	17

Coverage: 6/6 dimensions · Data sufficiency: sufficient

Data Coherence	Consistent (100%)
Attribution	Moderate (50%)
	OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid

📅 Observation Timeline 🔄 Live

First Seen	2026-05-09 11:34:11 UTC
Last Seen	2026-06-25 16:54:26 UTC
Profile Built	2026-06-25 17:01:24 UTC
Data Freshness	Live
Signal Types	20
Total Observations	21

🔍 20 signal types · 21 observations collected

This report is generated from 20+ independent intelligence signals including ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds, behavioral fingerprinting, and more.
Full dossier details are available via our API.

{ } JSON API 🔧 Actions API 📧 Enterprise Access

ℹ️ About This Report

All data shown is publicly available network metadata — IP addresses do not reliably identify individuals. Assessments are probabilistic and should not be used as sole basis for access control decisions. To report an issue or request data review, contact admin@ipdebrief.com.

59.110.1.12📋 Copy

**Executive Summary**

**Network Identity & Ownership**

**Threat Assessment**

**Network Role & Services**

**Neighborhood Analysis (59.110.1.0/24)**

**Relationship Graph**

**Observation History (19 Signals)**

**Security Recommendations**

**Intelligence Conclusion**