8.217.211.192
IP Intelligence Briefing: 8.217.211.192
*Generated via IPDebrief Analysis*
---
**Risk Profile**
- Risk Score: 25 (Low Risk)
- Provider: AlibabaCloud_HK (AS45102)
- Geolocation: Hong Kong (HK), coordinates 22.4°N, 114.11°E (45km accuracy radius)
- Network Role: Multi-service host (HTTP/80, RDP/3389, Nginx server)
- Threat Indicators: No malicious activity detected; no abuse confidence scores or blacklisted entries.
---
**Key Observations**
1. Ownership:
- Registered to IRT-ASEPL-SG (Singapore-based organization).
- AS45102 (Alibaba Cloud) manages the subnet.
2. Network Behavior:
- Services: HTTP (port 80), RDP (port 3389), and Nginx server banner.
- Subnet: 8.217.211.192/24 classified as "mostly_clean" with no active threats.
- Cloud Infrastructure: Linked to AlibabaCloud_HK, indicating a legitimate cloud-hosted asset.
3. Historical Activity:
- Single observation (June 3, 2026) showing normal HTTP traffic with Nginx.
- No anomalies or persistence detected in 30-day observation window.
4. Relationships:
- Strong ties to AlibabaCloud_HK, suggesting itβs part of a larger cloud infrastructure network.
- No known malicious campaigns or correlated IPs.
---
**Neighbor Analysis**
- Subnet: 8.217.211.192/24
- Neighbor Count: 0 (isolated IP)
- Abuse Density: 0 (no risky neighbors detected)
---
**Recommendations**
- Monitor: Track for unexpected service changes or new ports (e.g., RDP/3389).
- Contextualize: Verify against cloud provider logs to confirm legitimate usage.
- No Blocking: Low-risk profile suggests no immediate mitigation required.
---
Conclusion:
8.217.211.192 is a legitimate Alibaba Cloud IP with no current threat indicators. Its low-risk profile and clean subnet context suggest it is a normal cloud-hosted asset. Continue monitoring for deviations.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | IRT-ASEPL-SG |
| ASN | AS45102 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | β |
| 443 | https | tcp | β |
| 3389 | rdp | tcp | β |
| Closed Ports | 22, 25, 8080, 8443 (3 open / 7 scanned) | ||
| Server | nginx |
| HTTP Title | β |
π TLS Certificate
| SANs | qudong-pc.ccwww.qudong-pc.cc |
| Valid From | 2026-05-27T19:10:48+00:00 |
| Valid Until | 2026-08-25T19:10:47+00:00 |
| TLS Protocol | Tls12 |
| Cipher Suite | TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |
| Signature Algorithm | sha256RSA |
| Validity Period | 89 days |
| Serial Number | 06D8274C13B792037B1E1D1C5F61800BFCA4 |
| Thumbprint | 1D978A629EC8C19F69132C5AECF2E713E031A647 |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 35% | 2 | 5 |
| routing | 13% | 1 | 1 |
| services | 32% | 2 | 4 |
| ownership | 24% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 26% | 10 | 19 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:04:35 UTC |
| Last Seen | 2026-06-23 21:57:52 UTC |
| Profile Built | 2026-06-23 22:04:31 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 23 |
Full dossier details are available via our API.