IP Intelligence Briefing: 165.154.6.144
Date: June 4, 2026
---
**1. Core Profile**
- Risk Score: 40 (Moderate Risk)
- Owner: UCLOUD INFORMATION TECHNOLOGY HK LIMITED (ASN 135377)
- Geolocation: Hong Kong (HK), Latitude 22.4, Longitude 114.11
- Network Role: Firewalled / No Services (no open ports, no TLS/HTTP services)
- Threat Indicators: No direct malicious activity detected (no indicators, blacklists, or campaigns).
---
**2. Historical Observations**
- Recent Activity (June 4, 2026):
  - Flagged in 1 DNSBL with high severity.
  - Subnet abuse density: 61.9% (classified as "high_abuse").
  - One neighbor (165.154.6.127) shows elevated risk (score 65).
- Long-Term Trends:
  - No persistent malicious behavior (threat persistence days: 0).
  - Single observation event, suggesting isolated risk.
---
**3. Network Relationships**
- Shared Network: UCLOUD-HK (AS 135377), Hong Kong.
- Subnet: 165.154.6.0/24, with 21 total IPs (1 active, 13 flagged as threats).
- Neighbors of Concern:
  - 165.154.6.127 (risk score 65), 165.154.6.18, 165.154.6.26, and others show moderate to high risk.
- Subnet abuse density: 61.9% (high risk classification).
---
**4. Recommendations**
- Monitor Subnet: The 165.154.6.0/24 subnet has high abuse density; investigate neighbors for potential lateral movement or compromised hosts.
- Check DNSBL Status: Verify if the IP remains listed in DNSBLs (e.g., Spamhaus, Barracuda).
- Network Segmentation: Ensure strict segmentation to limit exposure, as the IP is firewalled but part of a high-risk subnet.
- Neighbor Analysis: Prioritize monitoring 165.154.6.127 and other high-risk neighbors for anomalous traffic.
---
Conclusion:
The IP is owned by a Hong Kong-based cloud provider and appears to be a legitimate network with no direct malicious activity. However, its subnet is classified as high abuse, and several neighbors show elevated risk. SOC teams should closely monitor this subnet for potential indirect threats and ensure network segmentation to mitigate risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | UCLOUD INFORMATION TECHNOLOGY HK LIMITED |
| ASN | AS135377 |
| Network Name | UCLOUD-HK |
| CIDR Block | 165.154.6.0/24 |
| RIR | ARIN |
| Country | HK |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown: insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 29% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 11% | 1 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 32% | 2 | 3 |
| Overall | 22% | 9 | 15 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Live)
| First Seen | 2026-05-07 23:03:51 UTC |
| Last Seen | 2026-06-22 19:41:37 UTC |
| Profile Built | 2026-06-22 19:58:19 UTC |
| Data Freshness | Live |
| Signal Types | 20 |
| Total Observations | 23 |