JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.32.130.144

152.32.130.144 was found in our database!

This IP was reported 4,115 times. Confidence of Abuse is 100%: ?

100%

ISP	UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	ucloud.cn
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.32.130.144

Whois 152.32.130.144

IP Abuse Reports for 152.32.130.144:

This IP address has been reported a total of 4,115 times from 1,088 distinct sources. 152.32.130.144 was first reported on December 17th 2022, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bigwavedave	2026-04-01 08:41:11 (2 months ago)	SSH	Brute-Force SSH
🇩🇪 PieKnu	2026-04-01 07:19:17 (2 months ago)	Apr 1 07:12:20 host sshd[2665077]: Failed password for root from 152.32.130.144 port 64046 ssh2 Apr ... show more Apr 1 07:12:20 host sshd[2665077]: Failed password for root from 152.32.130.144 port 64046 ssh2 Apr 1 07:15:47 host sshd[2665656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root Apr 1 07:15:49 host sshd[2665656]: Failed password for root from 152.32.130.144 port 7108 ssh2 Apr 1 07:19:13 host sshd[2666478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root Apr 1 07:19:16 host sshd[2666478]: Failed password for root from 152.32.130.144 port 32128 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-04-01 05:56:41 (2 months ago)	2026-04-01T05:53:21.807065+00:00 subaru sshd-session[320658]: pam_unix(sshd:auth): authentication fa ... show more 2026-04-01T05:53:21.807065+00:00 subaru sshd-session[320658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root 2026-04-01T05:53:23.954744+00:00 subaru sshd-session[320658]: Failed password for root from 152.32.130.144 port 46816 ssh2 2026-04-01T05:53:24.136107+00:00 subaru sshd-session[320658]: Disconnected from authenticating user root 152.32.130.144 port 46816 [preauth] 2026-04-01T05:56:38.358587+00:00 subaru sshd-session[325125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root 2026-04-01T05:56:40.787092+00:00 subaru sshd-session[325125]: Failed password for root from 152.32.130.144 port 1028 ssh2 ... show less	Brute-Force SSH
🇩🇪 akasolutions.de	2026-04-01 05:55:47 (2 months ago)	(sshd) Failed SSH login from 152.32.130.144 (HK/Hong Kong/-)	Brute-Force SSH
🇺🇸 psh-ack	2026-04-01 05:55:30 (2 months ago)	Brute-force SSH attack via libssh. Three login attempts: 345gs5662d34/345gs5662d34, root/3245gs5662d ... show more Brute-force SSH attack via libssh. Three login attempts: 345gs5662d34/345gs5662d34, root/3245gs5662d34, root/vicidial@123. Attacker exec'd: removed .ssh dir, recreated it, injected RSA pubkey (AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4UhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2...). Second session attempted chattr -ia on .ssh for immutability, followed by lockr cmd (persistence tool). Pattern: credential enumeration targeting common usernames w/ dict/leaked password variants, then SSH key injection for persistence. VicIDial ref indicates VoIP/call center targeting. Commands exec'd in 7.8 sec, consistent w/ automated exploitation. No downloads. Focus: SSH backdoor access establish. show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-04-01 04:33:24 (2 months ago)	(sshd) Failed SSH login from 152.32.130.144 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ; Dir ... show more (sshd) Failed SSH login from 152.32.130.144 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Mar 31 23:23:17 14260 sshd[10113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root Mar 31 23:23:20 14260 sshd[10113]: Failed password for root from 152.32.130.144 port 14000 ssh2 Mar 31 23:29:21 14260 sshd[10555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root Mar 31 23:29:23 14260 sshd[10555]: Failed password for root from 152.32.130.144 port 45096 ssh2 Mar 31 23:33:11 14260 sshd[10867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root show less	Brute-Force SSH
🇦🇹 Pingger Shikkoken	2026-04-01 04:16:03 (2 months ago)	2026-04-01T04:16:03+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-04-01T04:16:03+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=152.32.130.144 DST=10.1.1.5 LEN=60 TOS=0x00 PREC=0x20 TTL=40 ID=4395 DF PROTO=TCP SPT=16326 DPT=2222 WINDOW=42360 RES=0x00 SYN URGP=0 2026-04-01T04:16:04+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=152.32.130.144 DST=10.1.1.5 LEN=60 TOS=0x00 PREC=0x20 TTL=40 ID=4396 DF PROTO=TCP SPT=16326 DPT=2222 WINDOW=42360 RES=0x00 SYN URGP=0 2026-04-01T04:16:06+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=152.32.130.144 DST=10.1.1.5 LEN=60 TOS=0x00 PREC=0x20 TTL=40 ID=4397 DF PROTO=TCP SPT=16326 DPT=2222 WINDOW=42360 RES=0x00 SYN URGP=0 ... show less	Hacking Brute-Force SSH
🇧🇷 diego	2026-04-01 03:37:24 (2 months ago)	[rede-arem1] (sshd) Failed SSH login from 152.32.130.144 (HK/Hong Kong/-): 5 in the last 3600 secs; ... show more [rede-arem1] (sshd) Failed SSH login from 152.32.130.144 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 1 00:29:06 sshd[26851]: Invalid user [USERNAME] from 152.32.130.144 port 31432 Apr 1 00:29:08 sshd[26851]: Failed password for invalid user [USERNAME] from 152.32.130.144 port 31432 ssh2 Apr 1 00:34:06 sshd[27033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=[USERNAME] Apr 1 00:34:08 sshd[27033]: Failed password for [USERNAME] from 152.32.130.144 port 17384 ssh2 Apr 1 00:37:22 sshd[27137]: pam_unix(sshd:auth): authenticati show less	Port Scan
🇩🇪 mattk	2026-04-01 03:22:30 (2 months ago)	Apr 1 03:22:30 sshd[3406483]: Invalid user XXXX from 152.32.130.144 port 6700	Brute-Force SSH
🇨🇳 さいとうあすか	2026-04-01 03:20:14 (2 months ago)	2026-04-01T11:20:10.355508+08:00 pbs sshd[3411140]: pam_unix(sshd:auth): authentication failure; log ... show more 2026-04-01T11:20:10.355508+08:00 pbs sshd[3411140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 2026-04-01T11:20:12.846367+08:00 pbs sshd[3411140]: Failed password for invalid user claude from 152.32.130.144 port 24378 ssh2 ... show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-04-01 02:45:40 (2 months ago)	(sshd) Failed SSH login from 152.32.130.144 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ; Dir ... show more (sshd) Failed SSH login from 152.32.130.144 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ; Direction: 1; Trigger: LF_SSHD; Logs: Mar 31 21:38:24 21732 sshd[31636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root Mar 31 21:38:26 21732 sshd[31636]: Failed password for root from 152.32.130.144 port 61520 ssh2 Mar 31 21:42:18 21732 sshd[31937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root Mar 31 21:42:20 21732 sshd[31937]: Failed password for root from 152.32.130.144 port 2254 ssh2 Mar 31 21:45:37 21732 sshd[32177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root show less	Brute-Force SSH
🇫🇷 danirod	2026-04-01 02:43:29 (2 months ago)	Apr 1 02:40:04 vps324820 sshd[3523156]: Failed password for root from 152.32.130.144 port 33344 ssh ... show more Apr 1 02:40:04 vps324820 sshd[3523156]: Failed password for root from 152.32.130.144 port 33344 ssh2 Apr 1 02:43:26 vps324820 sshd[3526705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root Apr 1 02:43:28 vps324820 sshd[3526705]: Failed password for root from 152.32.130.144 port 24016 ssh2 ... show less	Brute-Force SSH
🇩🇪 ipcop.net	2026-04-01 02:19:01 (2 months ago)	2026-04-01T04:07:22.855255+02:00 gw-de16-01.guestgw.net sshd[986114]: Disconnected from authenticati ... show more 2026-04-01T04:07:22.855255+02:00 gw-de16-01.guestgw.net sshd[986114]: Disconnected from authenticating user root 152.32.130.144 port 38506 [preauth] 2026-04-01T04:11:19.999799+02:00 gw-de16-01.guestgw.net sshd[987335]: Disconnected from authenticating user root 152.32.130.144 port 45528 [preauth] 2026-04-01T04:15:10.843472+02:00 gw-de16-01.guestgw.net sshd[988547]: Disconnected from authenticating user root 152.32.130.144 port 58112 [preauth] 2026-04-01T04:19:00.322235+02:00 gw-de16-01.guestgw.net sshd[989640]: Invalid user claude from 152.32.130.144 port 16106 2026-04-01T04:19:00.578023+02:00 gw-de16-01.guestgw.net sshd[989640]: Disconnected from invalid user claude 152.32.130.144 port 16106 [preauth] show less	Brute-Force
🇬🇧 blik2108	2026-04-01 02:18:25 (2 months ago)	2026-04-01T01:47:19.614743+00:00 wightpi sshd[3854877]: Invalid user claude from 152.32.130.144 port ... show more 2026-04-01T01:47:19.614743+00:00 wightpi sshd[3854877]: Invalid user claude from 152.32.130.144 port 41186 2026-04-01T02:18:24.745771+00:00 wightpi sshd[3855298]: Invalid user claude from 152.32.130.144 port 15678 ... show less	Brute-Force SSH
🇰🇷 Woodie	2026-04-01 02:03:43 (2 months ago)	2026-03-31T20:59:47.438477-05:00 debian sshd[556629]: Failed password for root from 152.32.130.144 p ... show more 2026-03-31T20:59:47.438477-05:00 debian sshd[556629]: Failed password for root from 152.32.130.144 port 17236 ssh2 2026-03-31T21:03:35.557460-05:00 debian sshd[560431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root 2026-03-31T21:03:37.566722-05:00 debian sshd[560431]: Failed password for root from 152.32.130.144 port 32774 ssh2 2026-03-31T21:03:40.960456-05:00 debian sshd[560499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.130.144 user=root 2026-03-31T21:03:42.990264-05:00 debian sshd[560499]: Failed password for root from 152.32.130.144 port 39490 ssh2 ... show less	Brute-Force SSH

Showing 3841 to 3855 of 4115 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 192.142.24.17

🇺🇸 50.116.72.139

🇳🇱 45.148.10.157

🇻🇳 27.79.4.89

🇰🇷 222.119.187.182

🇬🇹 190.148.112.242

🇧🇷 187.34.229.25

🇬🇧 185.116.173.34

🇩🇪 178.128.207.138

🇩🇪 167.94.146.77

🇵🇰 160.30.142.209

🇺🇸 136.144.33.108

🇮🇳 122.166.223.194

🇨🇳 120.48.50.133

🇮🇳 111.92.89.89

🇨🇳 106.52.234.132

🇲🇦 105.158.100.18

🇭🇰 103.231.14.54

🇨🇳 101.76.248.214

🇷🇴 92.118.39.234