IOC Radar
IPMediumSignal 36/100

81.70.199.152

Location
ChinaChina
Beijing, Beijing
ASN
AS45090
Online Breedband B.V.
First Seen
Dec 28, 2024
Last Seen
Apr 8, 2026
Dec 28
First Seen
542d ago
Apr 8
Last Seen
77d ago
11
Reports
source reports
36%
Confidence
medium
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
36%
Signal Score
36 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

28 techniques

Network Information

CountryCNChina
RegionBeijing, Beijing
ASNAS45090
OrganizationOnline Breedband B.V.

Feed Intelligence Summary

11 reports36% confidence
11
Source reports
36%
Confidence score
Category tags
abuseaccessactive scanactive scanningasiaattackbad reputationbankingbotnetbotnet activitybrute forcebrute force attackchinacncommand and controlcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingcredit card servicesdata exfiltrationdata store exposureddosddos attackdecoy systemdenial of servicedistributed attacksemailexploitation activityexploited hostfinancefinance and insurancefinancial servicesfinancial technologyftp brute forcegithubgroupshackinghoneytrap honeypotidentity & access exploitationindicatorinjection activitylamplateral movementmailoney honeypotmalicious activitymalicious softwaremalwarenetworknetwork enumerationnetwork probingnetwork scanningpassword attackspayment processingphishingphishing attackphishing trappotential malicious activityprocess injectionpythonreconnaissanceresearchedscannerscanning activityscriptservice enumerationsftpsftp attackslugsmtp brute forcesocial engineeringspamsshssh attackssh monitoringsurface webt1021t1021.004t1041t1055t1059t1059.004t1071.001t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003telecommunicationsthreat actorthreat detectiontor nodeunauthorized access attemptsunidentified attackerwealth managementweb application attackweb exploitationweb scannerweb spam

Activity Timeline

1 total obs
Apr 8Apr 8

Threat Activity Heatmap

· Peak: 2026-04-08
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
36
SIGNAL
Signal Score
36%
Confidence
11
Reports
First seenDec 28, 2024
Last seenApr 8, 2026
GeolocationCN
CountryChina
LocationBeijing, Beijing
ASNAS45090
OrgOnline Breedband B.V.
Coords34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description
Unknown source type: h0neytr4p
raw
inetnum: 81.68.0.0 - 81.71.255.255 netname: TENCENT-CN descr: Tencent Cloud Computing (Beijing) Co., Ltd descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District country: CN org: ORG-TCCC1-AP admin-c: TCA15-AP tech-c: TCA15-AP abuse-c: AT992-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-TENCENT-CN mnt-routes: MAINT-TENCENT-CN mnt-irt: IRT-TENCENT-CN last-modified: 2020-07-22T13:10:58Z source: APNIC irt: IRT-TENCENT-CN address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP auth: # Filtered remarks: [email protected] was validated on 2025-03-07 mnt-by: MAINT-COMSENZ1-CN last-modified: 2025-03-07T07:43:08Z source: APNIC organisation: ORG-TCCC1-AP org-name: Tencent Cloud Computing (Beijing) Co., Ltd org-type: LIR country: CN address: 309 West Zone, 3F. 49 Zhichun Road. Haidian District. phone: +86-10-62671299 fax-no: +86-10-82602088-41299 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:16:21Z source: APNIC role: ABUSE TENCENTCN country: ZZ address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 phone: +000000000 e-mail: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP nic-hdl: AT992-AP remarks: Generated from irt object IRT-TENCENT-CN remarks: [email protected] was validated on 2025-03-07 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-03-07T07:43:37Z source: APNIC role: Tencent Cloud administrator address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 country: CN phone: +86-10-62671299 e-mail: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP nic-hdl: TCA15-AP mnt-by: MAINT-AP-DIALPAD fax-no: +86-10-62671299 last-modified: 2017-04-04T10:34:03Z source: APNIC route: 81.68.0.0/14 origin: AS45090 descr: Tencent Cloud Computing (Beijing) Co., Ltd 309 West Zone, 3F. 49 Zhichun Road. Haidian District. mnt-by: MAINT-TENCENT-CN last-modified: 2020-02-24T07:32:48Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 11 threat reports