IOC Radar
IP · Medium · Signal 29/100

1.4.147.36

Location: Mueang Samut Prakan, 10, Thailand
ASN: AS23969 (TOT Public Company Limited)
First Seen: Feb 6, 2025 (490d ago)
Last Seen: May 2, 2026 (39d ago)
Reports: 10 source reports
Confidence: 29% (medium)
VirusTotal: 1/91 detections
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 29%
Signal Score: 29 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

30 techniques

Network Information

Country: Thailand (TH)
Region: Mueang Samut Prakan, 10
ASN: AS23969
Organization: TOT Public Company Limited

Feed Intelligence Summary

Source reports: 10
Confidence score: 29%
Category tags: abuse, access, active scan, active scanning, asia, attack, bad reputation, botnet, botnet activity, brute force, command and control, communication protocol, connect, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, decoy system, dionaea, dionaea honeypot, distributed attacks, email, exploitation activity, ftp brute force, groups, honeytrap honeypot, identity & access exploitation, indicator, injection activity, lamp, lamp exploitation attempts, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, network, network scanning, network security, north america, phishing, phishing attack, phishing trap, potential malware distribution, process injection, protocol exploitation, reconnaissance, researched, resource hijacking, scanner, script, sentrypeer botnet, sftp, sftp attack, sip, sip brute force, sip scanning, slug, smtp brute force, social engineering, ssh, ssh attack, ssh monitoring, surface web, t1016, t1018, t1021, t1040, t1041, t1046, t1053, t1055, t1059, t1071.001, t1078, t1110, t1110.002, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1588, t1595, t1595.001, t1595.002, t1595.003, tcp, telecommunications, telnet threat, th, thailand, threat actor, threat detection, threat intelligence, tor node, united states, voip, voip attack

Activity Timeline

1 total obs (May 2 to May 2)

Threat Activity Heatmap

Peak: 2026-05-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 29
Confidence: 29%
Reports: 10
First seen: Feb 6, 2025
Last seen: May 2, 2026
Geolocation: TH
Country: Thailand
Location: Mueang Samut Prakan, 10
ASN: AS23969
Org: TOT Public Company Limited
Coords: 13.8177, 100.7465

VirusTotal

1/91 vendors flagged
1% detection rate (Jun 8, 2026)

WHOIS

description
2025-02-07T18:34:18.586Z Honeypot : Dionaea : Source: 1.4.147.36 : Port: 1433 Connection: {'protocol': 'mssqld', 'type': 'accept', 'transport': 'tcp'}
raw
inetnum: 1.4.128.0 - 1.4.191.255
netname: TOTNET
descr: Dynamic IP Address for residential Broadband Customers
country: TH
admin-c: AG100-AP
tech-c: AG100-AP
abuse-c: AT950-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-TH-TOT
mnt-lower: MAINT-TH-TOT
mnt-routes: MAINT-TH-TOT
mnt-routes: MAINT-TH-TOT-ISP
mnt-irt: IRT-TOT-TH
last-modified: 2021-01-27T13:30:18Z
source: APNIC

irt: IRT-TOT-TH
address: TOT Public Company Limited
address: 89/2 Moo 3 Chaengwattana Rd, Laksi,Bangkok 10210 THAILAND
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: ira3-ap
tech-c: ira3-ap
auth: # Filtered
remarks: [email protected] was validated on 2025-05-08
remarks: [email protected] was validated on 2025-06-06
mnt-by: MAINT-TH-TOT
last-modified: 2025-06-06T07:36:42Z
source: APNIC

role: ABUSE TOTTH
country: ZZ
address: TOT Public Company Limited
address: 89/2 Moo 3 Chaengwattana Rd, Laksi,Bangkok 10210 THAILAND
phone: +000000000
e-mail: [email protected]
admin-c: ira3-ap
tech-c: ira3-ap
nic-hdl: AT950-AP
remarks: Generated from irt object IRT-TOT-TH
remarks: [email protected] was validated on 2025-05-08
remarks: [email protected] was validated on 2025-06-06
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-06-06T07:36:58Z
source: APNIC

person: Apipol Gunabhibal
nic-hdl: AG100-AP
e-mail: [email protected]
address: TOT Public Company Limited
address: 89/2 Moo 3 Chaengwattana Rd, Laksi, Bangkok 10210 THAILAND
phone: +66-2574-9178
country: TH
mnt-by: MAINT-TH-TOT
last-modified: 2022-08-29T04:23:40Z
source: APNIC

route: 1.4.128.0/19
descr: TOT Public Company Limited
origin: AS23969
mnt-by: MAINT-TH-TOT
last-modified: 2012-03-13T04:08:02Z
source: APNIC
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 10 threat reports