IOC Radar
IP · Medium · Signal 27/100

114.35.245.150

Location
Taiwan, Province of China
Taipei, Taiwan
ASN
AS3462
Chunghwa Telecom Co. Ltd.
First Seen
Sep 15, 2022 (1367d ago)
Last Seen
Jun 7, 2026 (6d ago)
Reports
31 source reports
Confidence
27% (medium)
Found in 31 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

85 techniques

Network Information

Country: TW (Taiwan, Province of China)
Region: Taipei, Taiwan
ASN: AS3462
Organization: Chunghwa Telecom Co. Ltd.

IP Category

Proxy
Proxy server
VPN
VPN exit node

Feed Intelligence Summary

31 source reports · 27% confidence score

Activity Timeline

1 total observation
Jun 7

Threat Activity Heatmap

[Heatmap: activity by weekday and month, Jun through Jun. Peak: 2026-06-07]

24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 27
Confidence: 27%
Reports: 31
First seen: Sep 15, 2022
Last seen: Jun 7, 2026
Geolocation: TW
Country: Taiwan, Province of China
Location: Taipei, Taiwan
ASN: AS3462
Org: Chunghwa Telecom Co. Ltd.
Coords: 25.0334, 121.5660
Proxy · VPN

VirusTotal

Not checked

WHOIS

description
Anonymization_Network indicators. Date: Apr 8, 2026. Part 2/5. For more threat intelligence visit https://ltna.com.au/cyber
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://check.torproject.org/torbulkexitlist, Exit_Nodes.csv

IOC Journey

medium
First detected 3 years ago · Last seen 6 days ago
Appeared in 31 threat reports