165.154.179.62
IP Intelligence Briefing: 165.154.179.62
Date: 2026-06-10
---
**Core Profile**
- Risk Score: 65/100 (Moderate Risk)
- Ownership:
- ASN: 135377
- Organization: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
- Region: Russia (MOW, Moscow)
- Geolocation:
- Country: Russia (RU)
- Coordinates: 55.75°N, 37.62°E
- Timezone: Europe/Moscow
---
**Threat Indicators**
- No direct malicious activity detected (no indicators, spam, or blacklist entries).
- DNSSEC Valid: True
- DNSBL Listings: 3/8 total lists (low confidence).
---
**Network Behavior**
- Subnet: 165.154.179.0/24 (no active neighbors found).
- Services: No open ports or TLS certificates detected.
- Network Role: Firewalled / No Services.
---
**Observation History**
- 12 signals recorded over 30 days:
- Geolocation: Inferred via multi-signal analysis (confidence: 28%).
- DNS Listings: Listed in 8 sources (confidence: 85%).
- Routing: ASN 135377 (UCLOUD-RU) registered in Hong Kong.
- Abuse Density: 0% (no malicious neighbors).
---
**Relationships**
- Linked to: UCLOUD-RU network (same ASN).
- No correlated IPs or campaigns detected.
---
**Recommended Actions**
1. Monitor: Increase logging verbosity for traffic from this IP.
2. Block:
- Firewall:
```bash
iptables -A INPUT -s 165.154.179.62 -j DROP
nft add rule inet filter input ip saddr 165.154.179.62 drop
```
- Cloud Providers:
- Cloudflare WAF: Block IP with rule `ip.src eq 165.154.179.62`.
- AWS WAF: Add `165.154.179.62/32` to IP set.
---
**Analysis Summary**
- No direct threats identified, but the IPโs moderate risk score and association with a Russian-based ASN warrant vigilance.
- Low confidence in historical signals suggests potential false positives, but the lack of abuse density in its subnet reduces immediate risk.
- SOC Recommendation: Block the IP and monitor for anomalies, especially given its unclear network role and geolocation inconsistencies.
End of Briefing
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | UCLOUD INFORMATION TECHNOLOGY HK LIMITED |
| ASN | AS135377 |
| Network Name | UCLOUD-RU |
| CIDR Block | 165.154.179.0/24 |
| RIR | ARIN |
| Country | RU |
| Abuse Contact | Available via RDAP |
๐ DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
๐ DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
โ๏ธ Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown โ Insufficient routing data to classify |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 13% | 1 | 1 |
| routing | 13% | 1 | 1 |
| services | 13% | 1 | 1 |
| ownership | 30% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 14% | 6 | 7 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-22 15:18:28 UTC |
| Last Seen | 2026-06-10 01:22:58 UTC |
| Profile Built | 2026-06-10 01:25:43 UTC |
| Data Freshness | Live |
| Signal Types | 13 |
| Total Observations | 13 |
Full dossier details are available via our API.