IP Intelligence Briefing: 152.32.252.65
Date: June 2, 2026
1. Profile Summary
- Risk Score: Moderate (50/100) | Provider: UCLOUD INFORMATION TECHNOLOGY HK LIMITED (AS135377)
- Geolocation: Hong Kong (HK), Latitude 22.4, Longitude 114.11 | Subnet: 152.32.252.0/24
- Threat Status: Clean (no indicators, no blacklist entries, no known attacker activity).
- Network Role: Firewalled infrastructure with no open services (ports, TLS, or HTTP activity).
- Control Plane: DNSBL-listed on 2/8 platforms (low priority), but DNSSEC valid.
2. Observation History
- Recent Activity (30 Days):
  - Subnet abuse density: 0.33 (moderate risk).
  - No persistent malicious behavior; threat observation count: 1.
  - Geolocation validated with 5 probes (avg RTT: 234.6ms, 9173.5km distance).
  - No changes in ownership or threat signals.
3. Relationships
- Network Affiliation: Linked to UCLOUD-HK (AS135377) via same subnet.
- Certificates/Services: No TLS certificates or HTTP services detected.
- Email Reputation: No SPF/DKIM records or email-related activity.
4. Neighborhood Analysis
- Subnet: 152.32.252.0/24 (3 IPs total).
- Neighbor Risk:
  - 152.32.252.94: Medium risk (40/100).
  - 152.32.252.233: Low risk (25/100).
- Abuse Density: 33.3% (1/3 IPs flagged).
5. Recommendations
- Monitoring: Track subnet neighbors (especially 152.32.252.94) for emerging threats.
- Firewall: Consider allowing traffic from UCLOUD-HK if legitimate, but monitor DNSBL entries.
- Validation: Verify DNSSEC and email security practices for the UCLOUD network.
Conclusion:
The IP is part of a moderately risky subnet managed by UCLOUD. While no direct threats are detected, the subnet's abuse density and DNSBL listings warrant closer monitoring. Neighbors show mixed risk, suggesting potential for future compromise.
Tools Used: ipdebrief_profile, ipdebrief_history, ipdebrief_relationships, ipdebrief_neighbors.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | UCLOUD INFORMATION TECHNOLOGY HK LIMITED |
| ASN | AS135377 |
| Network Name | UCLOUD-HK |
| CIDR Block | 152.32.252.0/24 |
| RIR | ARIN |
| Country | HK |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR Record | No PTR |
| Forward Confirmed | No - PTR hostname does not resolve back to this IP (weak signal) |
DNS Hygiene
| Hygiene Score | 20% (Poor) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Unknown |
| Service Purpose | Web Server |
| Network Tier | Unknown - Insufficient routing data to classify |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| 80 | http | tcp | - |
| 443 | https | tcp | - |
| 22 | ssh | tcp | |
| Closed Ports | 25, 3389, 8080, 8443 (3 open / 7 scanned) |
| Server | nginx/1.24.0 (Ubuntu) |
| HTTP Title | - |
| SSH Version | SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13 |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 28% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 30% | 2 | 3 |
| ownership | 27% | 2 | 3 |
| reputation | 26% | 1 | 3 |
| geolocation | 30% | 2 | 3 |
| Overall | 26% | 10 | 17 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline (Fresh)
| First Seen | 2026-05-07 23:03:47 UTC |
| Last Seen | 2026-06-26 18:10:41 UTC |
| Profile Built | 2026-06-24 10:21:14 UTC |
| Data Freshness | Fresh |
| Signal Types | 20 |
| Total Observations | 21 |