IOC Radar
IPMediumSignal 43/100

175.178.166.216

Location
ChinaChina
Guangzhou, Guangdong
ASN
AS45090
Tencent Cloud Computing
First Seen
Feb 27, 2025
Last Seen
Apr 1, 2026
Feb 27
First Seen
470d ago
Apr 1
Last Seen
71d ago
7
Reports
source reports
43%
Confidence
medium
7/91
VirusTotal
detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
43%
Signal Score
43 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

70 techniques

Network Information

CountryCNChina
RegionGuangzhou, Guangdong
ASNAS45090
OrganizationTencent Cloud Computing

Feed Intelligence Summary

7 reports43% confidence
7
Source reports
43%
Confidence score
Category tags
active scanactive scanningapacapac regionappdataaptasiaasia-pacificautomotive manufacturingbad reputationbotnetbotnet activitybrute forcebrute_forcebuilding constructioncdn exploitationcertchinacivil servicescloud service abusecode executioncode injectioncommand and controlcommand executioncommunication technologiesconstruction materialsconstruction safetyconstruction technologycredential accesscredential harvestingcredential stuffingcredential_accesscrypto cybercryptocurrencycyber threatdata exfiltrationdata store exposuredata theftdefencedirectorydistributed attacksdll sideloadingelectronic health recordselectronics manufacturingenergyenergy distributionexfiltrationexploitation activityfatalratftpgh0stgh0st ratgovernment technologygroup policygroup policy injectionhasheshealth care and social assistancehealth information technologyhealthcare information systemshospital managementicsidentity & access exploitationindicatorindustrial automationindustrial control systemsindustrial iotindustrial organizationsindustrial productioninformation technologyinfrastructure acquisitionreconnaissanceinitial accessinjection activityiot securityit infrastructurekaspersky icslateral movementmalicious softwaremalwaremanufacturing technologymedical servicesmobilemobile carriersmobile networksmobile securitymonitoringmoudoormydoornetworknetwork probingnetwork reconnaissancenetwork securitynetwork_reconnaissancenextnspackoil & gasoperation salmonslalompatient carepersistent accessphishingphishing attackpower generationpower systemsprocess injectionprocess manufacturingprotocol exploitationpublic administrationpublic infrastructurepublic policyquality controlratsreconnaissanceregulatory agenciesremote accessremote access trojanremote servicesrenewable energyresearchedsandboxscadasimaysimayratsocial engineeringsoftware developmentssh attacksupply chain attacksupply chain managementt1003t1012t1016t1021t1021.001t1027t1033t1036t1040t1046t1047t1053t1053.005t1055t1056t1056.001t1057t1059t1059.001t1064t1068t1070.001t1071t1071.001t1076t1078t1082t1083t1102t1105t1110t1110.002t1112t1132t1135t1136t1140t1190t1195t1202t1204t1218t1486t1496t1499.002t1499.003t1518t1530t1543.003t1547t1548t1553t1555t1563t1564t1565t1566t1566.001t1566.002t1566.003t1573t1574.002t1587.001t1588t1590.001t1595t1595.001t1595.002t1595.003t1598telecom servicestelecommunicationstelnet threatthreat actortimetor nodettpsturkeyturnurlsvulnerability scanyoudao cloudyoudao cloud noteszegost

Activity Timeline

1 total obs
Apr 1Apr 1

Threat Activity Heatmap

· Peak: 2026-04-01
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
43
SIGNAL
Signal Score
43%
Confidence
7
Reports
First seenFeb 27, 2025
Last seenApr 1, 2026
GeolocationCN
CountryChina
LocationGuangzhou, Guangdong
ASNAS45090
OrgTencent Cloud Computing
Coords23.1291, 113.2640

VirusTotal

7/ 91vendors flagged
8% detection rateJun 8, 2026

WHOIS

description
CC=CN ASN=AS45090 shenzhen tencent computer systems company limited
raw
inetnum: 175.178.0.0 - 175.178.255.255 netname: TencentCloud descr: Tencent cloud computing (Beijing) Co., Ltd. descr: Floor 6, Yinke Building,38 Haidian St,Haidian District Beijing country: CN admin-c: JT1125-AP tech-c: JX1747-AP abuse-c: AC1601-AP status: ALLOCATED PORTABLE mnt-by: MAINT-CNNIC-AP mnt-irt: IRT-TENCENTCLOUD-CN mnt-lower: MAINT-CNNIC-AP mnt-routes: MAINT-CNNIC-AP last-modified: 2023-11-28T00:57:11Z source: APNIC irt: IRT-TencentCloud-CN address: 9F, FIYTA Building, Gaoxinnanyi Road, Southern address: District of Hi-tech Park, Shenzhen e-mail: [email protected] abuse-mailbox: [email protected] admin-c: JT1125-AP tech-c: JX1747-AP auth: # Filtered remarks: [email protected] was validated on 2025-03-07 mnt-by: MAINT-CNNIC-AP last-modified: 2025-03-07T07:43:08Z source: APNIC role: ABUSE CNNICCN country: ZZ address: Beijing, China phone: +000000000 e-mail: [email protected] admin-c: IP50-AP tech-c: IP50-AP nic-hdl: AC1601-AP remarks: Generated from irt object IRT-CNNIC-CN abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2024-07-30T11:55:46Z source: APNIC person: James Tian address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern address: District of Hi-tech Park, Shenzhen country: CN phone: +86-755-86013388-84952 e-mail: [email protected] nic-hdl: JT1125-AP mnt-by: MAINT-CNNIC-AP last-modified: 2024-03-19T08:21:31Z source: APNIC person: Jimmy Xiao address: 9F, FIYTA Building, Gaoxinnanyi Road,Southern address: District of Hi-tech Park, Shenzhen country: CN phone: +86-755-86013388-80224 e-mail: [email protected] nic-hdl: JX1747-AP mnt-by: MAINT-CNNIC-AP last-modified: 2021-09-17T00:38:09Z source: APNIC route: 175.178.0.0/16 origin: AS45090 descr: China Internet Network Information Center Floor1, Building No.1 C/-Chinese Academy of Sciences 4, South 4th Street Haidian District, mnt-by: MAINT-CNNIC-AP last-modified: 2021-10-11T01:53:45Z source: APNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 7 threat reports