IP Intelligence Briefing: 152.32.157.3
Date: 2026-06-17
---
**Core Profile**
- Risk Score: 55/100 (Moderate Risk)
- Ownership: UCLOUD INFORMATION TECHNOLOGY HK LIMITED (AS135377)
- Geolocation: London, England, UK (inferred via multi-signal geolocation)
- Network Role: Firewalled with no active services (no open ports, TLS certs, or web banners)
- Threat Indicators: No direct malicious activity detected; however, the IP is associated with UCLOUD-GB, which has a reputation score of 0 but shows 50 pulse counts in threat feeds (potential false positives or benign network).
---
**Observation History**
- Recent Activity (2026-06-17):
  - Multi-signal geolocation inferred as London, UK (750 km accuracy).
  - No DNS or service activity detected.
- Historical Data (2026-06-02):
  - Identified as non-CDN, non-Tor, non-VPN, and non-residential.
  - Threat feed signal (signal_type_id 27) linked to UCLOUD-GB with 50 pulse counts (possible benign or low-risk network).
---
**Relationships**
- Network Affiliation: Linked to UCLOUD-GB (AS135377) across 14 relationships.
- Subnet Context: Part of 152.32.157.0/24, classified as "mostly_clean" with 0.5 abuse density.
---
**Neighborhood Analysis**
- Subnet (152.32.157.0/24):
  - 5 total siblings; 1 high-risk neighbor (riskScore: 40), others at 0 or 25.
  - Abuse density: 0 (low), but one neighbor shows elevated risk.
---
**Recommended Actions**
1. Monitor: Increase logging verbosity for traffic from 152.32.157.3 and review recent activity.
2. Block: Implement firewall rules to deny traffic from this IP (rules provided in tool response).
3. Investigate Neighbors: Focus on the high-risk neighbor (152.32.157.173) for potential network compromise.
---
Conclusion:
The IP is associated with a UK-based provider and shows no direct malicious activity. However, its network (UCLOUD-GB) has mixed threat signals, and one neighbor exhibits elevated risk. SOC teams should monitor this IP closely and consider isolating the subnet to mitigate potential lateral movement risks.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | UCLOUD INFORMATION TECHNOLOGY HK LIMITED |
| ASN | AS135377 |
| Network Name | - |
| CIDR Block | - |
| RIR | ARIN |
| Country | - |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Firewalled / No Services |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |

| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 3 |
| routing | 13% | 1 | 1 |
| services | 18% | 2 | 2 |
| ownership | 24% | 2 | 3 |
| reputation | 23% | 1 | 3 |
| geolocation | 21% | 2 | 2 |
| Overall | 21% | 10 | 14 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline - Fresh
| First Seen | 2026-05-07 23:03:47 UTC |
| Last Seen | 2026-06-25 14:01:56 UTC |
| Profile Built | 2026-06-23 23:44:39 UTC |
| Data Freshness | Fresh |
| Signal Types | 19 |
| Total Observations | 20 |