IP Intelligence Briefing: 165.154.36.71
Date: 2026-06-17
---
**1. Core Profile**
- Risk Score: 80/100 (High Risk)
- Ownership: UCLOUD INFORMATION TECHNOLOGY HK LIMITED (AS135377)
- Geolocation: Los Angeles, CA, US (inferred via multi-signal analysis; ICMP validation blocked).
- Network Role: Firewalled / No Services (no open ports or TLS services detected).
- Threat Indicators: No direct malicious activity observed (no indicators, spam, or known campaigns).
---
**2. Neighborhood Analysis**
- Subnet: 165.154.36.0/24
- Abuse Density: 57.14% (high abuse classification).
- Neighbor IPs:
  - 6 medium-risk neighbors (avg. 55 risk score).
  - 2 low-risk neighbors (avg. 40 risk score).
  - 4 threat-associated neighbors (avg. 65 risk score).
- Inherited Risk: 9/10 (subnet-level abuse suggests potential indirect compromise).
---
**3. Temporal Observations**
- First Seen: 2026-06-02 (subnet analysis).
- Stability: No recent ownership or threat changes.
- Geolocation Consistency: Inferred location remains stable, but ICMP validation failures limit accuracy.
---
**4. Relationships & Context**
- Network Affiliation: Linked to UCLOUD-US network (AS135377).
- BGP Path: `3257 174 135377` (route stable, no recent changes).
- DNSSEC: Validated; CAA records present.
- Route Stability: 3,700+ days since allocation (APNIC).
---
**5. Recommended Actions**
- Monitoring: Increase logging verbosity for traffic from this IP.
- Firewall Rules:
  - iptables: `iptables -A INPUT -s 165.154.36.71 -j DROP`
  - Cloudflare WAF: Block IP with rule `{ "action": "block", "expression": "ip.src eq 165.154.36.71" }`
  - AWS WAF: Add `165.154.36.71/32` to IP set.
- Investigation: Correlate with high-risk neighbors (e.g., 165.154.36.243, 165.154.36.177).
---
Conclusion: This IP resides in a high-abuse subnet with no direct malicious activity but warrants monitoring due to inherited risk and network associations. Use the provided firewall rules to block traffic and prioritize deeper analysis of its subnet.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
**Ownership & Registration**
| Field | Value |
|---|---|
| Organization | UCLOUD INFORMATION TECHNOLOGY HK LIMITED |
| ASN | AS135377 |
| Network Name | N/A |
| CIDR Block | 165.154.36.0/24 |
| RIR | ARIN |
| Country | N/A |
| Abuse Contact | Available via RDAP |
**DNS Intelligence**
| Field | Value |
|---|---|
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
**DNS Hygiene**
| Check | Result |
|---|---|
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
**Network Classification**
| Field | Value |
|---|---|
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Tier 3: Basic operator with some routing infrastructure |
**Services & Open Ports**
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Field | Value |
|---|---|
| Server | N/A |
| HTTP Title | N/A |
**TLS Certificate**
| Field | Value |
|---|---|
| SANs | None |
| Valid From | N/A |
| Valid Until | N/A |
**Confidence Breakdown**
Per-dimension confidence scores based on source diversity and data freshness.
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 32% | 2 | 4 |
| routing | 27% | 2 | 3 |
| services | 11% | 1 | 2 |
| ownership | 24% | 3 | 4 |
| reputation | 23% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 24% | 11 | 19 |

| Metric | Value |
|---|---|
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |

Attribution checks evaluated: Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid.
**Observation Timeline (Live)**
| Field | Value |
|---|---|
| First Seen | 2026-05-07 23:03:51 UTC |
| Last Seen | 2026-06-26 18:10:44 UTC |
| Profile Built | 2026-06-22 19:48:37 UTC |
| Data Freshness | Live |
| Signal Types | 22 |
| Total Observations | 24 |