IOC Radar
IPMediumSignal 74/100

202.129.16.23

Location
ThailandThailand
Khwaeng Thung Song Hong, Bangkok
ASN
AS9931
CAT Telecom Public Company Limited
First Seen
Nov 8, 2023
Last Seen
Jun 11, 2026
Nov 8
First Seen
946d ago
Jun 11
Last Seen
today
29
Reports
source reports
74%
Confidence
medium
Found in 29 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
74%
Signal Score
74 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

CountryTHThailand
RegionKhwaeng Thung Song Hong, Bangkok
ASNAS9931
OrganizationCAT Telecom Public Company Limited

Feed Intelligence Summary

29 reports74% confidence
29
Source reports
74%
Confidence score
Category tags
abuseabuseipdbaccess controlactive scanactive scanningamadeyandroidantispamaptasiaasyncratasyncrat linkattackaustraliaauto-generated securitybad reputationbotnetbotnet activitybrazilbrute forcebrute force attackbrute force attackerbrute-forcebruteforcecommand and controlcommunication protocolcowriecredential accesscredential stuffingcryptbotctadata exfiltrationdata store exposureddosddos attacksdecoy systemdigital oceandistributed attackselephant floweuropeeurope/asiaexploitation activityexploited hostexport-to-otxfinance and insurancefirstgermanyhackinghigh volume traffichoneypot 24h activityidentity & access exploitationindicatorindonesiainfostealerinjection activityinternet of thingsintrusion blockintrusion detectioniot botnetiot securityiot/ics attacklog4jlumma stealermalicious activitymalicious ipmalicious network activitymalicious softwaremalwaremexicomiraimirai botnetmispmobile threatmozinetworknetwork attacksnetwork intrusionnetwork probingnetwork scanningnetwork securitynetwork traffic analysisnorth americaoceaniaparaguaypassword attacksphishingplay ransomwareportscanpowershellprobingprocess injectionprotocol exploitationquakbotransomwarereconnaissanceredisremote servicesresearchedrtbhrussiascanscannerscannersscanningscanning activitysecurity policyservice scansingaporeslovakiasouth americaspamsql injectionsshssh attackssh bruteforcet1021t1021.002t1040t1053t1055t1056.001t1059t1059.001t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1486t1496t1497t1499.001t1499.002t1499.003t1565t1595t1595.001t1595.002t1595.003targeting databasetcptcp protocoltcp/23telnettelnet threatththailandthreat actorthreat intelligencethreat preventionthreat-inteltor nodeukraineunauthorized accessunited kingdomvulnerability scanvultrweb app attackweb attackwebscanwebscannerweek

Activity Timeline

1 total obs
Jun 11Jun 11

Threat Activity Heatmap

Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
74
SIGNAL
Signal Score
74%
Confidence
29
Reports
First seenNov 8, 2023
Last seenJun 11, 2026
GeolocationTH
CountryThailand
LocationKhwaeng Thung Song Hong, Bangkok
ASNAS9931
OrgCAT Telecom Public Company Limited
Coords13.7442, 100.4608

VirusTotal

Not checked

WHOIS

description
Banned by Fail2Ban [sshd]
raw
inetnum: 202.129.16.0 - 202.129.19.255 netname: CAT-South descr: 490/1 Petchakaserm Road Hadyai Songkhla 90110 descr: ***send spam abuse to [email protected]*** country: TH admin-c: TC476-AP tech-c: IC174-AP abuse-c: AN3307-AP status: ALLOCATED NON-PORTABLE mnt-by: MAINT-NTPCL-TH mnt-irt: IRT-NTPCL-TH last-modified: 2025-11-19T23:59:33Z source: APNIC irt: IRT-NTPCL-TH address: 99 Chaengwattana Road, Thung Song Hong Subdistrict, Luk Si, Luksi Bangkok 10210 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NTPC2-AP tech-c: NTPC2-AP auth: # Filtered mnt-by: MAINT-NTPCL-TH last-modified: 2026-02-02T07:21:59Z source: APNIC role: ABUSE NTPCLTH country: ZZ address: 99 Chaengwattana Road, Thung Song Hong Subdistrict, Luk Si, Luksi Bangkok 10210 phone: +000000000 e-mail: [email protected] admin-c: NTPC2-AP tech-c: NTPC2-AP nic-hdl: AN3307-AP remarks: Generated from irt object IRT-NTPCL-TH abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-11-19T01:51:42Z source: APNIC person: IP-network CAT Telecom nic-hdl: IC174-AP e-mail: [email protected] address: Data Comm. Dept. National Telecom Public Company Limited address: NT Tower address: 72 Charoenkrung Road Bangrak Bangkok THAILAND 10501 phone: +66-2-6142374 fax-no: +66-2-6142270 country: TH mnt-by: MAINT-TH-THIX-CAT last-modified: 2022-09-05T09:44:01Z source: APNIC person: THIX network staff CAT Telecom nic-hdl: TC476-AP e-mail: [email protected] address: Data Comm. Dept. National Telecom Public Company Limited address: NT Tower address: 72 Charoenkrung Road Bangrak Bangkok THAILAND 10501 phone: +66-2-6142374 fax-no: +66-2-6142270 country: TH mnt-by: MAINT-TH-THIX-CAT last-modified: 2022-09-05T09:49:38Z source: APNIC route: 202.129.16.0/24 origin: AS9931 descr: CAT Telecom Public Company Limited 13th CAT TELECOM TOWER NEW ROAD SRIPHRAYA BANGRAK BANGKOK THAILAND mnt-by: MAINT-NTPCL-TH last-modified: 2025-11-19T01:52:31Z source: APNIC
references
https://list.rtbh.com.tr/output.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, 464.txt, https://any.run/malware-trends/, https://urlhaus.abuse.ch/, Cyber-Detections.com, https://github.com/borestad/blocklist-abuseipdb/blob/main/abuseipdb-s100-3d.ipv4

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen today
Appeared in 29 threat reports