152.32.149.47 — UCLOUD INFORMATION TECHNOLOGY HK LIMITED, US — Very High (87%)

Check an IP Address, Domain Name, Subnet, or ASN

152.32.149.47 was found in our database!

Confidence Level

87%

Very High?

Geolocation

🇺🇸

United StatesReston

ISPUCLOUD INFORMATION TECHNOLOGY HK LIMITED

ASNAS135377

Activity Timeline

First seenJan 30, 2026, 11:02 AM

Last seen55m ago

322Sessions

413Events

Protocol Breakdown

HTTPS

247 / 247

SMTP

15 / 87

MSSQL

18 / 18

MONGODB

8 / 17

RTSP

6 / 16

FTP

15 / 15

IMAP

8 / 8

SSH

4 / 4

MYSQL

1 / 1

152.32.149.47 has a very high threat confidence level of 87%, originating from Reston, United States, on the UCLOUD INFORMATION TECHNOLOGY HK LIMITED network (135377). It has been observed across 322 sessions targeting HTTPS, SMTP, MSSQL, MONGODB, RTSP and 4 other protocols, First observed on January 30, 2026, most recently active March 5, 2026.

Behaviors

Classified behavioral patterns observed

Ftp Financial Partner Directory Enumeration

medium1x

FTP session where the client authenticates and performs repeated passive-mode directory listings while navigating directly into finance, HR, partner, vendor, and release paths such as /data/finance, /data/hr, /partners, and /pub/*, indicating targeted discovery of business-sensitive storage locations.

Mysql Schema Discovery Bot

low1x

Automated reconnaissance behavior that performs a basic enumeration of accessible MySQL databases to identify available schemas and infer hosted applications or data presence. Often used as an initial validation step to confirm database access and assess whether further enumeration or extraction is worthwhile.

Https Root Path Request

info13x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

Primitives

Individual actions observed

Ftp List Directory21 Ftp Set Ascii Mode21 Ftp Enter Passive Mode21 Ftp Change Working Directory20 Https Path Root13 Empty Ftp Command12 Https Path Config Json11 Smtp Ehlo Greeting5 Smtp Starttls Upgrade Request3 Ftp User Probe2 Ftp Auth Tls1 Ftp Help Request1 Ftp Password Attempt1 Mysql Show Databases1 Ftp Change Directory Etc1 Ftp Feature List Request1 Ftp Change Directory Data1 Ftp Change Directory Backups1 Ftp Change Directory Configs1 Ftp Change Directory Data Hr1

Related Threats

Explore related threat intelligence

🇺🇸More threats fromUnited States ASMore threats fromUCLOUD INFORMATION TECHNOLOGY HK LIMITED HTTPSMore threats targetingHTTPS SMTPMore threats targetingSMTP MSSQLMore threats targetingMSSQL MONGODBMore threats targetingMONGODB RTSPMore threats targetingRTSP FTPMore threats targetingFTP IMAPMore threats targetingIMAP SSHMore threats targetingSSH MYSQLMore threats targetingMYSQL { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
152.32.254.178	100%	95
152.32.172.117	100%	765
165.154.6.100	98%	66
152.32.235.96	92%	257
152.32.135.139	100%	776

IP Address	Confidence	Events
16.58.56.214	99%	20,534
18.116.101.220	99%	20,190
167.94.138.112	29%	1,257
3.130.168.2	100%	17,419
43.159.145.149	37%	54