IP Intelligence Briefing: 107.175.33.240
Date: 2026-05-31
---
**1. Core Profile**
- Risk Score: 80 (High Risk)
- Owner: HostPapa (AS36352)
- Geolocation: Buffalo, NY, US (ARIN-registered)
- Network Role: Firewalled / No Services
- DNS: Resolves to `107-175-33-240-host.colocrossing.com` (SPF/DMARC configured).
- Threat Indicators: No direct malware, phishing, or exploit campaigns detected.
- Control Plane: BGP prefix `107.175.32.0/21`, no route stability issues.
- Abuse Status: Clean subnet (`107.175.33.240/24`) with 0 abuse density.
---
**2. Observation History**
- Recent Activity (May 31, 2026):
  - Confirmed registration to HostPapa (ARIN).
  - No open ports or services detected in scans.
  - DNSBL listings (4/8 total) suggest potential spam or abuse risks.
- Pulse Data (May 29, 2026):
  - 50+ pulses detected (e.g., "malware," "phishing").
  - Low confidence in network classification (non-CDN, non-VPN).
- Subnet Analysis:
  - Subnet `107.175.33.240/24` is clean, with no active/compromised siblings.
---
**3. Relationships**
- Network Associations:
  - Linked to BGP network `CC-17` (HostPapa).
- DNS:
  - Directly associated with `107-175-33-240-host.colocrossing.com`.
- No Known Malicious Links:
  - No correlated IPs, campaigns, or certificates detected.
---
**4. Neighborhood**
- Subnet: `107.175.33.240/24`
- Neighbors: 0 active IPs in subnet (isolated host).
- Abuse Density: 0 (clean).
---
**5. Recommendations**
- Monitor DNS: Track `colocrossing.com` for suspicious subdomains or email activity.
- Isolate Network: Given the high risk score and DNSBL listings, consider blocking this IP in firewall rules.
- Investigate Pulses: Validate the 50+ pulses flagged by AlienVault OTX for potential false positives or emerging threats.
- Check Hosting Provider: Confirm HostPapa's security practices, as the IP is registered to a hosting provider.
---
Summary: This IP exhibits high risk due to DNSBL listings and pulse activity, but no direct malicious indicators are present. Its isolated nature and clean subnet suggest it may be a misconfigured or compromised host. SOC teams should prioritize monitoring DNS activity and network traffic associated with this IP.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | HostPapa |
| ASN | AS36352 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | 107-175-33-240-host.colocrossing.com |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | 107-175-33-240-host.colocrossing.com |
DNS Hygiene
| Hygiene Score | 60% (Good) |
| SPF | Present |
| DMARC | Present |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 19% | 2 | 2 |
| routing | 13% | 1 | 1 |
| services | 19% | 2 | 2 |
| ownership | 30% | 2 | 3 |
| reputation | 13% | 1 | 2 |
| geolocation | 19% | 2 | 2 |
| Overall | 19% | 10 | 12 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-13 19:03:26 UTC |
| Last Seen | 2026-06-13 03:44:20 UTC |
| Profile Built | 2026-06-06 22:58:43 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 20 |