8.136.126.42
IP Intelligence Briefing: 8.136.126.42/32
Date: 2026-06-03
---
**1. Core Profile**
- Risk Score: Moderate (50/100)
- Ownership:
- ASN: 37963
- Organization: ALICLOUD (IRT-ASEPL-SG)
- Registrar: ARIN
- Geolocation: Hangzhou, Zhejiang, China (latitude 35.86, longitude 104.2)
- Threat Indicators:
- No known malware, phishing, or spam activity.
- No DNS or certificate anomalies.
- Not listed in DNSBLs or blacklists.
---
**2. Network Behavior**
- Subnet: 8.136.126.42/24
- Abuse Density: 0% (clean subnet)
- Services:
- No open ports or TLS services detected.
- No HTTP/HTTPS activity or server banners.
- Routing:
- BGP prefix: 8.136.0.0/17
- Route stability: Minimal operator score (0.13).
---
**3. Observation History**
- Recent Activity (Last 30 Days):
- Stable network role (firewalled, no services).
- No changes in ownership or threat signals.
- Geolocation inferred with 3750 km accuracy (potential regional inconsistency).
---
**4. Relationships**
- Linked Entities:
- Network: ALICLOUD (same ASN, subnet).
- No external relationships (no domains, certificates, or subnets tied to this IP).
---
**5. Neighborhood Analysis**
- Subnet Neighbors: 1 active IP (itself).
- Abuse Density: 0% (no malicious siblings).
- Geolocation Consensus: 1 source (limited confidence).
---
**6. Recommended Actions**
- Firewall Rules:
- iptables: `iptables -A INPUT -s 8.136.126.42 -j DROP`
- Cloudflare WAF: Block IP with description "IPDebrief risk 50"
- AWS WAF: Add `8.136.126.42/32` to a rule with description "IPDebrief risk 50"
- Monitoring:
- Track geolocation accuracy and subnet activity.
- Monitor for unexpected service emergence or DNS changes.
---
**7. Summary**
The IP 8.136.126.42 is part of ALICLOUDβs infrastructure in Hangzhou, China. It shows no direct malicious activity, but its moderate risk score suggests limited visibility or potential misconfiguration. While the subnet is clean, the geolocationβs low accuracy and inferred routing may warrant further investigation. SOC teams should maintain monitoring for anomalies while considering the IPβs legitimate cloud provider context.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | IRT-ASEPL-SG |
| ASN | AS37963 |
| Network Name | ALICLOUD |
| CIDR Block | 8.128.0.0/11 |
| RIR | ARIN |
| Country | CN |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 21% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 27% | 2 | 3 |
| reputation | 15% | 1 | 2 |
| geolocation | 21% | 2 | 2 |
| Overall | 19% | 10 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:35 UTC |
| Last Seen | 2026-06-23 21:50:29 UTC |
| Profile Built | 2026-06-23 21:55:23 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 20 |
Full dossier details are available via our API.