IOC Radar
IPMediumSignal 79/100

152.136.189.143

Location
ChinaChina
Beijing, Beijing
ASN
AS45090
Tencent Cloud Computing (Beijing) Co., Ltd
First Seen
Apr 4, 2026
Last Seen
Apr 23, 2026
Apr 4
First Seen
70d ago
Apr 23
Last Seen
52d ago
10
Reports
source reports
79%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
79%
Signal Score
79 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryCNChina
RegionBeijing, Beijing
ASNAS45090
OrganizationTencent Cloud Computing (Beijing) Co., Ltd

Feed Intelligence Summary

10 reports79% confidence
10
Source reports
79%
Confidence score
Category tags
abuseactive scanactive scanningasiabad reputationbrute forcebrute force attackbrute force attackerbrute-forcechinacredential accesscredential stuffingexploitexploitation activityexploited hosthackingidentity & access exploitationindicatornetworkpassword attacksportscanreconnaissanceresearchedscannerscannersservice scanssh attackt1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003tpotvulnerability scanvulnerability-exploitationvultr

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
79
SIGNAL
Signal Score
79%
Confidence
10
Reports
First seenApr 4, 2026
Last seenApr 23, 2026
GeolocationCN
CountryChina
LocationBeijing, Beijing
ASNAS45090
OrgTencent Cloud Computing (Beijing) Co., Ltd
Coords34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description
IPv4 hosts detected port scanning Vultr Tokyo (Japan) honeypot
raw
inetnum: 152.136.0.0 - 152.136.255.255 netname: TENCENT-CN descr: Tencent Cloud Computing (Beijing) Co., Ltd descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District country: CN org: ORG-TCCC1-AP admin-c: TCA15-AP tech-c: TCA15-AP abuse-c: AT992-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-TENCENT-CN mnt-routes: MAINT-TENCENT-CN mnt-irt: IRT-TENCENT-CN last-modified: 2020-07-22T13:10:57Z source: APNIC irt: IRT-TENCENT-CN address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP auth: # Filtered remarks: [email protected] was validated on 2025-10-29 remarks: [email protected] was validated on 2025-10-29 mnt-by: MAINT-COMSENZ1-CN last-modified: 2025-11-18T00:31:31Z source: APNIC organisation: ORG-TCCC1-AP org-name: Tencent Cloud Computing (Beijing) Co., Ltd org-type: LIR country: CN address: 309 West Zone, 3F. 49 Zhichun Road. Haidian District. phone: +86-10-62671299 fax-no: +86-10-82602088-41299 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:16:21Z source: APNIC role: ABUSE TENCENTCN country: ZZ address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 phone: +000000000 e-mail: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP nic-hdl: AT992-AP remarks: Generated from irt object IRT-TENCENT-CN remarks: [email protected] was validated on 2025-10-29 remarks: [email protected] was validated on 2025-10-29 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-10-29T07:07:38Z source: APNIC role: Tencent Cloud administrator address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 country: CN phone: +86-10-62671299 e-mail: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP nic-hdl: TCA15-AP mnt-by: MAINT-AP-DIALPAD fax-no: +86-10-62671299 last-modified: 2017-04-04T10:34:03Z source: APNIC route: 152.136.0.0/16 origin: AS45090 descr: Tencent Cloud Computing (Beijing) Co., Ltd 309 West Zone, 3F. 49 Zhichun Road. Haidian District. mnt-by: MAINT-TENCENT-CN last-modified: 2018-01-17T08:23:17Z source: APNIC
references
https://jamesbrine.com.au/vultrparis-portscan-bruteforce-ip-list-2026-04-18/, https://jamesbrine.com.au, https://jamesbrine.com.au/vultrtokyo-portscan-bruteforce-ip-list-2026-04-15/, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 10 threat reports