IOC Radar
IPMediumSignal 46/100

203.170.146.146

Location
ThailandThailand
Huai Khwang, 10
ASN
AS4750
TillekeGibbins
First Seen
Jan 20, 2021
Last Seen
Jun 6, 2026
Jan 20
First Seen
1967d ago
Jun 6
Last Seen
5d ago
23
Reports
source reports
46%
Confidence
medium
3/91
VirusTotal
detections
Found in 23 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

50 techniques

Network Information

CountryTHThailand
RegionHuai Khwang, 10
ASNAS4750
OrganizationTillekeGibbins

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

23 reports46% confidence
23
Source reports
46%
Confidence score
Category tags
access controlactive scanactive scanningaerospace & defenseasiaattackautomotive manufacturingbotnetbotnet activitybotnet activity detectedbrute forcebrute force attackbrute force attackerbrute force attacksc2c2 communicationcivil servicescommand & controlcommand and controlcompromised hostscredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposureddosddos preparationdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedistributed attackselectronics manufacturingexploit attemptsexploitation activityftp brute forcegovernment technologyhackinghttp scanninghttps scanningidentity & access exploitationindustrial automationindustrial iotindustrial productioninfrastructure acquisitionreconnaissanceinjection activityiociot securitylateral movementmalicious activitymalicious softwaremalwaremalware distributionmanualmanufacturing technologymilitary operationsnational securitynetworknetwork enumerationnetwork intrusionnetwork scanningnetwork securitynextraypassword attacksphishingphishing attackprocess injectionprocess manufacturingprotocol exploitationproxyproxy activitypublic administrationpublic infrastructurepublic policyquality controlreconnaissanceregulatory agenciesresearchedscannersecurity operationssecurity policysmtp scanningsocial engineeringsocks proxyspamssh attacksupply chain attacksupply chain managementt1003t1005t1016t1018t1021t1040t1043t1047t1053t1053.005t1055t1056t1059t1071t1071.001t1071.002t1071.004t1078t1083t1090t1090.001t1090.002t1090.003t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497t1499.001t1499.002t1499.003t1550t1552t1555t1556t1565t1566.001t1566.002t1566.003t1573t1587.001t1590.001t1595.001t1595.002t1595.003telnet threatththailandthreat actorthreat intelligencethreat preventiontor nodevpnweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
46
SIGNAL
Signal Score
46%
Confidence
23
Reports
First seenJan 20, 2021
Last seenJun 6, 2026
GeolocationTH
CountryThailand
LocationHuai Khwang, 10
ASNAS4750
OrgTillekeGibbins
Coords13.6000, 100.7164
ProxyVPN

VirusTotal

3/ 91vendors flagged
3% detection rateJun 7, 2026

WHOIS

description
proxy-proxy_socks4 search result.
raw
inetnum: 203.170.146.144 - 203.170.146.159 netname: TillekeGibbins-TH descr: reassign to "Tilleke&Gibbins International" descr: contact "[email protected]" country: TH admin-c: LIA1-AP tech-c: LIA1-AP abuse-c: AC1613-AP status: ASSIGNED NON-PORTABLE mnt-by: LOXINFO-IS mnt-irt: IRT-CSLOXINFO-TH last-modified: 2021-01-20T01:55:06Z source: APNIC irt: IRT-CSLOXINFO-TH address: CW Tower address: Ratchadapisek Road, Huai Khwang, Bangkok 10310 phone: +66 2 2638000 fax-no: +66 2 2638790 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: LIA1-AP tech-c: LIA1-AP auth: # Filtered remarks: [email protected] was validated on 2025-09-04 mnt-by: CSLOXINFO-IS last-modified: 2025-09-04T17:19:17Z source: APNIC role: ABUSE CSLOXINFOTH country: ZZ address: CW Tower address: Ratchadapisek Road, Huai Khwang, Bangkok 10310 phone: +66 2 2638000 e-mail: [email protected] admin-c: LIA1-AP tech-c: LIA1-AP nic-hdl: AC1613-AP remarks: Generated from irt object IRT-CSLOXINFO-TH remarks: [email protected] was validated on 2025-09-04 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-09-04T22:49:47Z source: APNIC role: Loxinfo IP Admins remarks: CS LOXINFO PUBLIC COMPANY LIMITED address: CW Tower address: Ratchadapisek Road, Huai Khwang, Bangkok 10310 country: TH phone: +66-2263-8000 fax-no: +66-2263-8790 e-mail: [email protected] admin-c: LIA1-AP tech-c: LIA1-AP nic-hdl: LIA1-AP mnt-by: CSLOXINFO-IS last-modified: 2017-06-09T17:43:45Z source: APNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 5 days ago
Appeared in 23 threat reports