IOC Radar
IPMediumSignal 59/100

101.13.5.49

Location
Taiwan, Province of ChinaTaiwan, Province of China
Taipei, Taipei
ASN
AS24158
TAIWANMOBILE
First Seen
Dec 14, 2024
Last Seen
Jun 6, 2026
Dec 14
First Seen
548d ago
Jun 6
Last Seen
9d ago
26
Reports
source reports
59%
Confidence
medium
Found in 26 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
59%
Signal Score
59 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

65 techniques

Network Information

CountryTWTaiwan, Province of China
RegionTaipei, Taipei
ASNAS24158
OrganizationTAIWANMOBILE

Feed Intelligence Summary

26 reports59% confidence
26
Source reports
59%
Confidence score
Category tags
abuseaccess controlaccount compromiseaccount enumerationactive scanactive scanningactive-attackadresse ipaptasiaatif feedattackauthenticationauthentication-failureauto-generated securityazure adbad reputationbad web botbankingbanlist feedbelgiumbinary defenseblacklisted domainblacklisted ipblacklisted urlblocklist_allbotnetbotnet activitybotnet c2botnet communicationbrute forcebrute force attackbrute force attackerbrute force attacksbrute force attemptbrute force attemptsbrute-forcebruteforcec2 communicationcloud infrastructurecloud infrastructure attackcloud servicescommand & controlcommand and controlcommunication protocolcompromised hostscompromised system detectioncowrie honeypotcredential accesscredential brute forcecredential harvestingcredential stuffingcredential theftcredential-dumpingcredential-harvestingcredit card servicesctadata exfiltrationdata store exposureddosddos activityddos attackddos attacksdecoy systemdenial of servicedga domaindigital oceandistributed attacksdns attackemerging threatsenv-huntingeuropeexploitation activityexploited hostexternal remote servicesfinancefinancial servicesfinancial technologyfinlandfnt-secure-sentinelfnt-sentinelfranceftp brute forceftp brute-forcegermanyhackinghoneynet connecthttp brute forcehttp communicationhttps communicationidentity & access exploitationimapimap attackimap brute forceindicatorindicators of compromiseinfrastructure acquisitionreconnaissanceinitial accessinjection activityinternet wide scaninternet-facingipv4irc communicationlateral movementlogin attacklogin attemptlogin attemptsmalaysiamalicious activitymalicious domainsmalicious ip addressesmalicious softwaremalicious trafficmalicious-ipmalwaremalware distributionmalware-related botnet activitymanualmicrosoft entra idmultiple usersnetworknetwork attacksnetwork discoverynetwork enumerationnetwork intrusionnetwork probingnetwork protocolnetwork scanningnetwork scanning activitynetwork securitynetwork service scanningnginxnorth americap2p communicationpassword attackpassword attackspassword crackingpayment processingphishingphishing attackpolandpop3 brute forcepossible botnet infectionpossible ddos activityprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedresource hijackingscannerscannersscanning activitysecurity operationssecurity policyservice scansftp attacksmb brute forcesmtpsmtp attackersmtp brute forcesmtp-attacksocial engineeringspamspam botsshssh attackssh monitoringssh protocolt1005t1018t1020t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1029t1040t1041t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1071.002t1071.003t1071.004t1076t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566t1566.001t1566.002t1566.003t1568t1568.002t1569t1569.002t1571t1573t1573.001t1573.002t1587.001t1588.004t1590t1590.001t1592t1595t1595.001t1595.002t1595.003taiwantaiwan, province of chinatcp protocoltcp scantelnet threatthreat actorthreat intelligencethreat preventiontor nodeturkeytwudp scanunauthorized accessunauthorized access attemptunited kingdomunited statesunknown threat groupvalid accountswealth managementweb app attackweb application attackweb exploitationweb spam

Activity Timeline

1 total obs
Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
59
SIGNAL
Signal Score
59%
Confidence
26
Reports
First seenDec 14, 2024
Last seenJun 6, 2026
GeolocationTW
CountryTaiwan, Province of China
LocationTaipei, Taipei
ASNAS24158
OrgTAIWANMOBILE
Coords25.0382, 121.5636

VirusTotal

Not checked

WHOIS

description
FNT Sentinel Real-time Intercept: SMTP brute-force detected. Reference: 2026-05-09 22:38:59.5603 Login failure: 101.13.5.49 SMTP

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 9 days ago
Appeared in 26 threat reports