IPMediumSignal 46/100

`81.70.200.232`

Location

China

Beijing, Beijing

ASN

AS45090

Online Breedband B.V.

First Seen

Feb 7, 2025

Last Seen

Apr 7, 2026

Feb 7

First Seen

492d ago

Apr 7

Last Seen

68d ago

Reports

source reports

46%

Confidence

medium

6/91

VirusTotal

detections

Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

46%

Signal Score

46 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

44 techniques

Network Information

Country

China

RegionBeijing, Beijing

ASNAS45090

OrganizationOnline Breedband B.V.

Feed Intelligence Summary

11 reports46% confidence

Source reports

46%

Confidence score

Category tags

abuseactive scanadversary simulation toolagent teslaakamaialibabaandroidapi contactaptasiabad reputationbeaconbeaconing activitybotnetbotnet activitybrute forcec2c2 communicationc2 frameworkchinacncobaltcobalt strikecobaltstrikecommand & controlcommand and controlcompromised systemconfigcredential harvestingcredential stuffingdata encryptiondata exfiltrationdata store exposuredistributed attackse-commerceencryptioneuropeexecutable fileexploitation activityextortionfeedfindfraudglobalhuaweiidentity & access exploitationindicatorindicators of compromiseinformation technologyinfrastructure acquisitionreconnaissanceinjection activityiociocsiotiot securityjquerylateral movementlateral movement techniqueslinkedin pagemalicious softwaremalwaremalware distributionmanualmedia & entertainmentmobile threatnanocore ratnation-state activitynetworknetwork traffic analysispayload deliverypayload deploymentpayload generationpenetration testing toolphishingphishing attackphppost-exploitationpost-exploitation activitiespost-exploitation activityprocess injectionprotectransomwareransomware feedremote access trojanresearchedscams & fraudsecurity operationssentinel mispserverslugsocial engineeringstrongsurface websystem disruptiont1003t1005t1016t1018t1021t1027t1041t1047t1049t1053t1055t1059t1059.001t1068t1071t1071.001t1078t1083t1090t1090.001t1095t1105t1129t1134t1190t1210t1486t1490t1496t1499.002t1499.003t1543t1565t1566t1566.001t1566.002t1566.003t1567t1569.002t1573t1573.001t1574t1587.001t1590.001telecommunicationthreat actorthreat feedthreat intelligencetor nodeunixvietnamvulnerability scan

Activity Timeline

1 total obs

Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

46%

Confidence

Reports

First seenFeb 7, 2025

Last seenApr 7, 2026

GeolocationCN

CountryChina

LocationBeijing, Beijing

ASNAS45090

OrgOnline Breedband B.V.

Coords34.7732, 113.7220

VirusTotal

6/ 91vendors flagged

7% detection rateJun 8, 2026

WHOIS

description: CC=CN ASN=AS45090 Shenzhen Tencent Computer Systems Company Limited
raw: inetnum: 81.68.0.0 - 81.71.255.255 netname: TENCENT-CN descr: Tencent Cloud Computing (Beijing) Co., Ltd descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District country: CN org: ORG-TCCC1-AP admin-c: TCA15-AP tech-c: TCA15-AP abuse-c: AT992-AP status: ALLOCATED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-TENCENT-CN mnt-routes: MAINT-TENCENT-CN mnt-irt: IRT-TENCENT-CN last-modified: 2020-07-22T13:10:58Z source: APNIC irt: IRT-TENCENT-CN address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP auth: # Filtered remarks: [email protected] was validated on 2025-03-07 mnt-by: MAINT-COMSENZ1-CN last-modified: 2025-09-04T07:03:34Z source: APNIC organisation: ORG-TCCC1-AP org-name: Tencent Cloud Computing (Beijing) Co., Ltd org-type: LIR country: CN address: 309 West Zone, 3F. 49 Zhichun Road. Haidian District. phone: +86-10-62671299 fax-no: +86-10-82602088-41299 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:16:21Z source: APNIC role: ABUSE TENCENTCN country: ZZ address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 phone: +000000000 e-mail: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP nic-hdl: AT992-AP remarks: Generated from irt object IRT-TENCENT-CN remarks: [email protected] was validated on 2025-03-07 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-03-07T07:43:37Z source: APNIC role: Tencent Cloud administrator address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080 country: CN phone: +86-10-62671299 e-mail: [email protected] admin-c: TCA15-AP tech-c: TCA15-AP nic-hdl: TCA15-AP mnt-by: MAINT-AP-DIALPAD fax-no: +86-10-62671299 last-modified: 2017-04-04T10:34:03Z source: APNIC route: 81.68.0.0/14 origin: AS45090 descr: Tencent Cloud Computing (Beijing) Co., Ltd 309 West Zone, 3F. 49 Zhichun Road. Haidian District. mnt-by: MAINT-TENCENT-CN last-modified: 2020-02-24T07:32:48Z source: APNIC
references: https://precisionsec.com/threat-intelligence-feeds/cobaltstrike/, https://threatfox.abuse.ch/export/csv/recent/

`81.70.200.232`

MITRE ATT&CK TTPs

Network Information

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy