IOC Radar
IP · Medium · Signal 83/100

152.32.214.55

Location
Hong Kong
Hong Kong, Kowloon
ASN
AS135377
Ucloud Information Technology (hk) Limited
First Seen
Apr 16, 2026
Last Seen
Jun 4, 2026
20
Reports
source reports
83%
Confidence
medium
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
83%
Signal Score
83 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

Country: HK (Hong Kong)
Region: Hong Kong, Kowloon
ASN: AS135377
Organization: Ucloud Information Technology (hk) Limited

Feed Intelligence Summary

20 reports · 83% confidence
Category tags
abuse, active scan, aggressive-detection, apache, apache attacker, apt, asia, attack, australia, bad reputation, bad web bot, blocklist, botnet activity, brute force, brute force attacker, brute-force, bruteforce, connection-reset, cowrie, credential stuffing, credential-harvesting, ddos, ddos attack, dionaea, env-hunting, exploit, exploitation activity, exploited host, fatt, ftp, ftp brute-force, hacking, hk, hong kong, identity & access exploitation, indicator, iot security, iot targeted, kill-chain exploitation, kill-chain reconnaissance, low-risk, malaysia, network, nginx, oceania, osint, p0f, phishing, ping of death, portscan, protocol-probing, ransomware, research, researched, scanner, scanners, sensor-tagged, service scan, socradar honeypot, spam, ssh, ssh attack, ssh-brute, t1110, t1110.001, t1595.001, tanner, telnet, threat actor, tor node, tpot, vulnerability scan, vulnerability-exploitation, vultr, web app attack, web spam

Activity Timeline

1 total obs
Jun 4

Threat Activity Heatmap

Peak: 2026-06-04
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 83
Confidence: 83%
Reports: 20
First seen: Apr 16, 2026
Last seen: Jun 4, 2026
Geolocation: HK
Country: Hong Kong
Location: Hong Kong, Kowloon
ASN: AS135377
Org: Ucloud Information Technology (hk) Limited
Coords: 22.2578, 114.1657

VirusTotal

Not checked

WHOIS

description
Score: 60/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:exploited-host, abuseipdb:hacking, abuseipdb:port-scan, abuseipdb:reported. Attacker IP 152.32.214.55 observed using SSH client fingerprint 'Unknown SSH Client (03a80b21afa8)' 27 times when connecting to db4lamedtech between 2026-04-17 00:26 and 2026-04-17 01:05 UTC.
raw
inetnum: 152.32.214.0 - 152.32.214.255
netname: UCLOUD-HK
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
country: HK
admin-c: UITH2-AP
tech-c: UITH2-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-UCLOUD-HK
mnt-irt: IRT-UCLOUD-HK
abuse-c: AU164-AP
last-modified: 2024-08-27T06:29:33Z
source: APNIC

irt: IRT-UCLOUD-HK
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
auth: # Filtered
remarks: [email protected] was validated on 2026-02-27
remarks: [email protected] was validated on 2026-02-27
mnt-by: MAINT-UCLOUD-HK
last-modified: 2026-02-27T02:07:48Z
source: APNIC

role: ABUSE UCLOUDHK
country: ZZ
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: AU164-AP
remarks: Generated from irt object IRT-UCLOUD-HK
remarks: [email protected] was validated on 2026-02-27
remarks: [email protected] was validated on 2026-02-27
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2026-02-27T02:08:22Z
source: APNIC

role: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
country: HK
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: UITH2-AP
notify: [email protected]
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-05-16T03:54:14Z
source: APNIC

route: 152.32.214.0/24
origin: AS135377
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED FLAT/RM 603 6/F LAWS COMMERCIAL PLAZA 788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2020-11-26T07:30:37Z
source: APNIC

route: 152.32.214.0/24
origin: AS62610
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED FLAT/RM 603 6/F LAWS COMMERCIAL PLAZA 788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2025-07-27T10:06:10Z
source: APNIC
references
https://purplesynapz.com/, https://redpiranha.net, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt


IOC Journey

medium
First detected 2 months ago · Last seen 10 days ago
Appeared in 20 threat reports