← Back to feed
Location
🇭🇰 HK / Hong Kong
ASN
AS135377 · UCLOUD INFORMATION TECHNOLOGY HK LIMITED
Cloud Provider
—
Total Events
30
Average by volume
Agent Count
2
First / Last Seen
2026-05-12 20:34 — 2026-05-17 14:47
Attack Types
MITRE ATT&CK Techniques
External Corroboration
CINS Army
cins:bad_reputation
Blocklist.de
blocklist_de:reported
Campaigns
Multi-Agent Scan
SCAN
Active
medium
5 IPs
198 events
2026-05-03 — ongoing · 5 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
7 IPs
612 events
2026-05-03 — ongoing · 7 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
45 IPs
6024 events
2026-03-13 — ongoing · 45 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
241 IPs
227549 events
2026-03-13 — ongoing · 241 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
236 IPs
177173 events
2026-03-13 — ongoing · 236 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
15 IPs
2777 events
2026-03-02 — ongoing · 15 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
37 IPs
5439 events
2026-02-28 — ongoing · 37 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
22 IPs
3330 events
2026-02-28 — ongoing · 22 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
93 IPs
64107 events
2026-02-28 — ongoing · 93 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
17 IPs
3262 events
2026-02-28 — ongoing · 17 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
43 IPs
13708 events
2026-02-28 — ongoing · 43 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
75 IPs
11599 events
2026-02-26 — ongoing · 75 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
Multi-Agent Scan
SCAN
Active
medium
17 IPs
40119 events
2026-02-23 — ongoing · 17 IPs independently targeted the same honeypot sensors within a 24-hour window. Scanning the same targets in close …
HASSH 19532158b559… — SSH-2.0-libssh2_1.11.1 (50 IPs, 20 countries)
HASSH
Active
high
🇨🇳 CN
50 IPs
1272 events
ssh:bruteforce
2026-02-22 — ongoing · 50 IPs are running an identical SSH client (HASSH fingerprint 19532158b559…). Top network: UCLOUD INFORMATION TECHNOLOGY HK LIMITED …
AS135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED
ASN
Active
medium
🇭🇰 HK
46 IPs
15400 events
ftp:bruteforcehttp:scanmysql:bruteforcessh:bruteforce
2026-02-18 — ongoing · 46 IPs from the same network (UCLOUD INFORMATION TECHNOLOGY HK LIMITED, AS135377) were active during overlapping time periods. …
Session Forensics
Sessions
6 (2 with login)
Avg Depth Score
0.3
Commands Executed
0
Files Downloaded
0
Fingerprints
HASSH
SSH Client
Evidence Timeline
Opportunistic Bruter
27cfe6d3aaa1
LOGIN
1
50%
Loading events...
HASSH 19532158b559096…
SSH-2.0-libssh2_1.11.1
Opportunistic Bruter
13e78b917e13
LOGIN
1
50%
Loading events...
HASSH 19532158b559096…
SSH-2.0-libssh2_1.11.1