107.150.110.167
IP Intelligence Briefing: 107.150.110.167
Date: 2026-06-17
---
**1. Risk Profile**
- Overall Risk Score: Moderate (55/100)
- Threat Indicators: No direct malicious activity detected.
- Network Classification: Firewalled / No Services (no open ports or active services identified).
- Provider: ucloud information technology (hk) limited (AS135377).
- Geolocation: Los Angeles, CA, US (latitude 37.751, longitude -97.822).
---
**2. Key Observations**
- DNS Activity:
- PTR hostname: `furtvey.cn` (forward resolution confirmed).
- No email authentication (SPF/DKIM) detected.
- Threat Feeds:
- Listed in 8 threat feeds (medium severity, 2026-06-17).
- No known attacker, spam, or Tor exit node associations.
- Network Behavior:
- Part of the managed hosting network `ZL-LAX-MANAGED-HOSTING-0645`.
- Subnet abuse density: mostly_clean (1 abuse incident in /24 subnet).
---
**3. Neighbor Analysis**
- Subnet: `107.150.110.167/24`
- High-Risk Neighbors:
- 107.150.110.199 (risk score: 25, authority score: 50).
- Overall Subnet Risk: Low (abuse density: 0%).
---
**4. Historical Activity**
- Latest Signal (2026-06-17):
- Medium-severity threat listings (8 feeds).
- Earlier Activity (2026-06-02):
- Associated with ucloud (AS135377) and geolocated to US.
- No persistent malicious behavior detected.
---
**5. Recommendations**
1. Monitor DNS: Investigate `furtvey.cn` for potential phishing or malicious domains.
2. Network Segmentation: Isolate the subnet due to mixed risk profiles.
3. Threat Feed Alerts: Watch for reoccurrence of medium-severity listings.
4. Verify Hosting Provider: Confirm ucloudβs compliance with security standards.
---
Conclusion: The IP is part of a managed hosting environment with no active threats, but its association with multiple threat feeds warrants further scrutiny. SOC teams should prioritize monitoring DNS activity and network segmentation to mitigate potential risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
π’ Ownership & Registration
| Organization | ZENLA-1 |
| ASN | AS135377 |
| Network Name | β |
| CIDR Block | β |
| RIR | ARIN |
| Country | β |
| Abuse Contact | Available via RDAP |
π DNS Intelligence
| PTR | furtvey.cn |
| Forward Confirmed | No β PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | furtvey.cn |
π DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
βοΈ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown β Insufficient routing data to classify |
π Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | β |
| HTTP Title | β |
π TLS Certificate
| SANs | None |
| Valid From | β |
| Valid Until | β |
π― Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 20% | 2 | 3 |
| reputation | 21% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 19% | 9 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
π Observation Timeline π Live
| First Seen | 2026-05-07 23:03:29 UTC |
| Last Seen | 2026-06-22 08:20:24 UTC |
| Profile Built | 2026-06-22 08:25:43 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 22 |
Full dossier details are available via our API.