← Back to feed
AS45090 Shenzhen Tencent Computer Systems Company Limited
ASN Active mediumWhy this campaign was detected
44 IPs from the same network (Shenzhen Tencent Computer Systems Company Limited, AS45090) were active during overlapping time periods. Temporal correlation across a shared autonomous system suggests infrastructure controlled by the same entity.
Primary ASN
AS45090 · Shenzhen Tencent Computer Systems Company Limited
Subnet
—
Country
🇨🇳 CN
Cloud Provider
—
Member Count
44 IPs
Below average
Total Events
942
Below average by volume
Started / Ended
2026-03-06 13:09 — ongoing
Attack Types
MITRE ATT&CK Techniques
Discovery
Command and Control
Member Actors
| IP Address | Behavior | Confidence | Flags | Events | Agents | Attack Types | Hostname | Last Seen | |
|---|---|---|---|---|---|---|---|---|---|
| 129.211.44.159 | credential_harvester | 57% | 1x OSINT | 152 | 1 | ssh:bruteforce | — | 2026-07-17 15:51 | evidence → |
| 123.207.99.233 | scanner | 53% | 1x OSINT | 354 | 1 | ssh:bruteforce | — | 2026-07-15 01:35 | evidence → |
| 42.194.181.182 | opportunistic_bruter | 46% | 1x OSINT | 23 | 1 | ssh:bruteforce | — | 2026-07-13 22:40 | evidence → |
| 134.175.230.188 | opportunistic_bruter | 38% | 20 | 2 | ssh:bruteforce | — | 2026-07-14 02:38 | evidence → | |
| 1.13.247.254 | opportunistic_bruter | 30% | 10 | 1 | ssh:bruteforce | — | 2026-07-15 08:49 | evidence → | |
| 124.223.163.249 | opportunistic_bruter | 30% | 10 | 1 | ssh:bruteforce | — | 2026-07-15 07:36 | evidence → | |
| 111.230.233.46 | web_probe | 29% | 20 | 1 | http:scan | — | 2026-07-17 12:20 | evidence → | |
| 139.155.134.17 | web_probe | 29% | 11 | 1 | http:scan | — | 2026-07-17 18:05 | evidence → | |
| 119.45.7.86 | web_probe | 29% | 10 | 1 | http:scan | — | 2026-07-17 17:38 | evidence → | |
| 110.42.208.131 | web_probe | 28% | 11 | 1 | http:scan | — | 2026-07-17 11:41 | evidence → | |
| 139.199.229.57 | opportunistic_bruter | 28% | 10 | 1 | ssh:bruteforce | — | 2026-07-14 03:51 | evidence → | |
| 129.204.236.195 | opportunistic_bruter | 28% | 10 | 1 | ssh:bruteforce | — | 2026-07-14 02:31 | evidence → | |
| 43.138.68.113 | web_probe | 28% | 16 | 1 | http:scan | — | 2026-07-17 01:10 | evidence → | |
| 119.29.16.242 | opportunistic_bruter | 28% | 10 | 1 | ssh:bruteforce | — | 2026-07-14 00:29 | evidence → | |
| 82.156.116.86 | web_probe | 25% | 14 | 1 | http:scan | — | 2026-07-15 16:00 | evidence → | |
| 1.13.158.23 | web_probe | 25% | 9 | 1 | http:scan | — | 2026-07-15 21:23 | evidence → | |
| 139.155.126.16 | web_probe | 25% | 7 | 1 | http:scan | — | 2026-07-15 21:18 | evidence → | |
| 119.91.20.139 | web_probe | 24% | 17 | 1 | http:scan | — | 2026-07-14 22:54 | evidence → | |
| 82.156.88.97 | web_probe | 24% | 7 | 1 | http:scan | — | 2026-07-15 15:14 | evidence → | |
| 124.221.140.98 | web_probe | 24% | 8 | 1 | http:scan | — | 2026-07-15 10:02 | evidence → | |
| 49.232.104.223 | web_probe | 24% | 12 | 1 | http:scan | — | 2026-07-14 20:15 | evidence → | |
| 175.27.171.245 | web_probe | 23% | 12 | 1 | http:scan | — | 2026-07-14 18:09 | evidence → | |
| 49.233.45.47 | web_probe | 23% | 14 | 1 | http:scan | — | 2026-07-14 14:03 | evidence → | |
| 43.140.247.223 | web_probe | 23% | 18 | 1 | http:scan | — | 2026-07-14 06:55 | evidence → | |
| 175.27.136.83 | web_probe | 22% | 5 | 1 | http:scan | — | 2026-07-14 12:17 | evidence → | |
| 192.144.148.122 | web_probe | 21% | 11 | 1 | http:scan | — | 2026-07-13 19:33 | evidence → | |
| 175.178.110.121 | web_probe | 21% | 12 | 1 | http:scan | — | 2026-07-13 14:50 | evidence → | |
| 82.157.100.116 | scanner | 20% | 4 | 1 | ssh:bruteforce | — | 2026-07-15 08:21 | evidence → | |
| 124.221.186.24 | scanner | 20% | 4 | 1 | ssh:bruteforce | — | 2026-07-15 08:08 | evidence → | |
| 49.232.26.51 | credential_probe | 20% | 5 | 1 | ssh:bruteforce | — | 2026-07-15 20:06 | evidence → | |
| 1.14.110.85 | web_probe | 20% | 9 | 1 | http:scan | — | 2026-07-13 06:23 | evidence → | |
| 1.15.52.154 | web_probe | 20% | 10 | 1 | http:scan | — | 2026-07-13 03:16 | evidence → | |
| 162.14.81.106 | web_probe | 20% | 10 | 1 | http:scan | — | 2026-07-13 00:16 | evidence → | |
| 124.222.230.178 | web_probe | 20% | 6 | 1 | http:scan | — | 2026-07-13 08:58 | evidence → | |
| 111.231.165.56 | scanner | 20% | 4 | 1 | ssh:bruteforce | — | 2026-07-15 00:34 | evidence → | |
| 122.51.236.174 | web_probe | 19% | 17 | 1 | http:scan | — | 2026-07-12 05:33 | evidence → | |
| 123.207.65.62 | web_probe | 19% | 11 | 1 | http:scan | — | 2026-07-12 05:19 | evidence → | |
| 115.159.50.185 | scanner | 18% | 4 | 1 | ssh:bruteforce | — | 2026-07-14 01:17 | evidence → | |
| 118.24.135.34 | web_probe | 18% | 9 | 1 | http:scan | — | 2026-07-12 00:11 | evidence → | |
| 106.52.49.148 | web_probe | 17% | 14 | 1 | http:scan | — | 2026-07-11 03:53 | evidence → | |
| 146.56.229.214 | web_probe | 17% | 8 | 1 | http:scan | — | 2026-07-11 14:01 | evidence → | |
| 82.156.34.74 | web_probe | 16% | 6 | 1 | http:scan | — | 2026-07-11 08:20 | evidence → | |
| 129.28.84.30 | web_probe | 15% | 4 | 1 | http:scan | — | 2026-07-11 02:59 | evidence → | |
| 82.156.124.125 | scanner | 13% | 4 | 1 | ssh:bruteforce | — | 2026-07-11 09:12 | evidence → |
VPN Known VPN or proxy provider
DROP ASN on Spamhaus DROP list
Nx OSINT Corroborated by N external threat feeds