IOC Radar
IP · Medium · Signal 79/100

163.7.1.207

Location
Indonesia
Banguntapan, BOP
ASN
AS150436
Byteplus Pte. Ltd
First Seen
Feb 14, 2026
Last Seen
May 2, 2026
Feb 14
First Seen
120d ago
May 2
Last Seen
43d ago
18
Reports
source reports
79%
Confidence
medium
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
79%
Signal Score
79 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

38 techniques

Network Information

Country: Indonesia (ID)
Region: Banguntapan, BOP
ASN: AS150436
Organization: Byteplus Pte. Ltd

Feed Intelligence Summary

18 source reports, 79% confidence score
Category tags
abuse, access control, active scan, active scanning, apt, asia, attack, australia, bad reputation, blacklist evasion, blocklist_all, botnet, botnet activity, brute force, brute force attack, c2, command & control, command and control, command execution, communication protocol, compromised system, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, database security, ddos, ddos attack, decoy system, denial of service, denial-of-service, dhcp, dionaea, dionaea honeypot, distributed attacks, elasticsearch, encryption, europe, exploit, exploitation activity, fatt, ftp, ftp brute force, hacking, honeytrap honeypot, http brute force, http request, http scanner, id, identity & access exploitation, imap, indicator, indonesia, information gathering, injection activity, intrusion detection, iot security, lateral movement, ldap, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, mssql, network, network monitoring, network protocol, network reconnaissance, network scanning, network security, network traffic analysis, new zealand, ntp, oceania, opencti, oracle, p0f, password attacks, phishing, phishing attack, phishing trap, ping of death, postgres, process injection, protocol exploitation, ransomware, reconnaissance, redis, remote access, remote service exploitation, remote services, researched, resource hijacking, scan, scanner, scanning activity, security operations, security policy, sensor-tagged, sentrypeer botnet, server exploitation, smb, smtp, snmp, social engineering, socks5, socradar honeypot, spam, sql injection, ssh, ssh attack, ssh monitoring, system discovery, t1021, t1021.001, t1021.002, t1040, t1046, t1055, t1059, t1059.003, t1059.005, t1071, t1071.001, t1076, t1077, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1486, t1496, t1499.001, t1499.002, t1499.003, t1505.004, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp scan, telnet, telnet threat, threat actor, threat detection, threat intelligence, threat prevention, tor node, tpot, udp scan, united kingdom, vnc, vnc protocol, voip attack, vulnerability scan, web app attack, web application attack, web brute force, web exploitation, web traffic

Activity Timeline

1 total obs
May 2May 2

Threat Activity Heatmap

Peak: 2026-05-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 79
Confidence: 79%
Reports: 18
First seen: Feb 14, 2026
Last seen: May 2, 2026
Geolocation: ID
Country: Indonesia
Location: Banguntapan, BOP
ASN: AS150436
Org: Byteplus Pte. Ltd
Coords: -38.1296, 176.2444

VirusTotal

Not checked

WHOIS

raw
inetnum: 163.7.0.0 - 163.7.127.254
netname: BYTEPLUS-SG
descr: BYTEPLUS
country: ID
admin-c: BPLA13-AP
tech-c: BPLA13-AP
abuse-c: AB1590-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-BYTEPLUS-SG
mnt-irt: IRT-BYTEPLUS-SG
last-modified: 2025-06-11T09:22:54Z
source: APNIC

irt: IRT-BYTEPLUS-SG
address: 1 Raffles Quay,
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: BPLA13-AP
tech-c: BPLA13-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-08-25
mnt-by: MAINT-BYTEPLUS-SG
last-modified: 2025-11-18T00:36:32Z
source: APNIC

role: ABUSE BYTEPLUSSG
country: ZZ
address: 1 Raffles Quay, # 26-10, South Tower, Singapore Singapore 048583
phone: +000000000
e-mail: [email protected]
admin-c: BPLA13-AP
tech-c: BPLA13-AP
nic-hdl: AB1590-AP
remarks: Generated from irt object IRT-BYTEPLUS-SG
remarks: [email protected] was validated on 2025-08-25
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-08-25T01:59:54Z
source: APNIC

role: Byteplus Pte Ltd administrator
address: 1 Raffles Quay, #26-10, South Tower, Singapore Singapore 048583
country: SG
phone: +65-6950-4420
e-mail: [email protected]
admin-c: BPLA13-AP
tech-c: BPLA13-AP
nic-hdl: BPLA13-AP
mnt-by: MAINT-BYTEPLUS-SG
last-modified: 2022-11-22T00:30:44Z
source: APNIC

route: 163.7.1.0/24
origin: AS150436
descr: Byteplus Pte. Ltd. 1 Raffles Quay, #26-10, South Tower
mnt-by: MAINT-BYTEPLUS-SG
last-modified: 2025-06-09T09:01:14Z
source: APNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt


IOC Journey

medium
First detected 4 months ago · Last seen 1 month ago
Appeared in 18 threat reports