IPMediumSignal 100/100
118.232.47.238
Location
TaiwanTaichung, Taichung City
ASN
AS38841
KBRO
First Seen
Jan 19, 2025
Last Seen
Feb 12, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryTaiwan
TaiwanRegionTaichung, Taichung City
ASNAS38841
OrganizationKBRO
Feed Intelligence Summary
9 reports99% confidence
9
Source reports
99%
Confidence score
Category tags
abuseactive scanningasiaattackbotnetbrute forcebrute force attackcommand and controlcowriecowrie honeypotcowrie honeypot datacredential accesscredential harvestingcredential stuffingctadata exfiltrationdecoy systemdistributed attacksgithubhoneytrap honeypotindicatorinfrastructure acquisitionreconnaissanceinitial accesslamploginmailoney honeypotmalicious activitymalicious softwaremalwaremanualmysqlnetworknetwork probingnetwork scanningnetwork securitynetwork service scanningnginxnorth americapassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationpythonreconnaissanceremote serviceresearchedscannerserversftpsftp attacksftp exploit attemptslugsocial engineeringsshssh attackssh monitoringsurface webt1021t1021.004t1040t1041t1055t1059t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1587.001t1590.001t1595t1595.001t1595.002t1595.003taiwantaiwan, province of chinatcp/23telecommunicationstelnet threatthreat actorthreat detectiontwunauthorized access attemptunited states
Activity Timeline
Feb 12Feb 12
Threat Activity Heatmap
· Peak: 2026-02-12LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
9
Reports
First seenJan 19, 2025
Last seenFeb 12, 2026
GeolocationTW
CountryTaiwan
LocationTaichung, Taichung City
ASNAS38841
OrgKBRO
Coords24.1440, 120.6844
VirusTotal
Not checked
WHOIS
- description
- 2025-02-19T18:34:57.713Z Honeypot : Cowrie : Source: 118.232.47.238 Data: New connection: 118.232.47.238:46130 (172.25.0.2:23) [session: f75b27423b23]
- raw
- inetnum: 118.232.0.0 - 118.233.255.255 netname: KBRO-NET descr: kbro CO. Ltd. descr: 9F., No.260, Sec. 2, Bade Rd., Songshan Dist., descr: Taipei City 105, Taiwan (R.O.C.) country: TW admin-c: KA290-AP tech-c: KA290-AP abuse-c: AT939-AP status: ALLOCATED PORTABLE notify: [email protected] notify: [email protected] mnt-by: MAINT-TW-TWNIC mnt-lower: MAINT-TW-TWNIC mnt-routes: MAINT-TW-TWNIC mnt-irt: IRT-TWNIC-AP last-modified: 2021-09-15T08:01:03Z source: APNIC irt: IRT-TWNIC-AP address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TWA2-AP tech-c: TWA2-AP auth: # Filtered remarks: Please note that TWNIC is not an ISP and is not empowered remarks: to investigate complaints of network abuse. remarks: [email protected] was validated on 2025-05-23 mnt-by: MAINT-TW-TWNIC last-modified: 2025-05-23T00:01:36Z source: APNIC role: ABUSE TWNICAP country: ZZ address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan phone: +000000000 e-mail: [email protected] admin-c: TWA2-AP tech-c: TWA2-AP nic-hdl: AT939-AP remarks: Generated from irt object IRT-TWNIC-AP remarks: [email protected] was validated on 2025-05-23 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-05-23T00:02:10Z source: APNIC person: Kbro adm address: 9F., No.260, Sec. 2, Bade Rd., Songshan Dist., address: Taipei City 105, Taiwan (R.O.C.) country: TW phone: +886-2-6611-1688 ext. 15126 e-mail: [email protected] nic-hdl: KA290-AP mnt-by: MAINT-TW-TWNIC fax-no: +886-2-6611-2115 last-modified: 2021-09-15T07:50:53Z source: APNIC inetnum: 118.232.0.0 - 118.232.63.255 netname: KBRO-NET descr: kbro CO. Ltd. descr: 9F., No.260, Sec. 2, Bade Rd., Songshan Dist., Taipei City 105, Taiwan (R.O.C.) descr: Taipei Taiwan country: TW admin-c: VL99-TW tech-c: VL107-TW mnt-by: MAINT-TW-TWNIC changed: [email protected] 20071211 status: ASSIGNED NON-PORTABLE remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. source: TWNIC person: abuse abuse address: kbro CO. Ltd. address: 9F., No.260, Sec. 2, Bade Rd., Songshan Dist., Taipei City 105, Taiwan (R.O.C.) address: Taipei City Taiwan country: TW phone: +886-2-6611-1688 ext. 15126 fax-no: +886-2-6611-2115 e-mail: [email protected] nic-hdl: VL107-TW changed: [email protected] 20210915 remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. source: TWNIC person: adm adm address: kbro CO. Ltd. address: 8F., No.260, Sec. 2, Bade Rd., Songshan Dist., Taipei City 105, Taiwan (R.O.C.) address: Taipei Taiwan country: TW phone: +886-2-6611-1688 ext. 15126 fax-no: +886-2-6611-2115 e-mail: [email protected] nic-hdl: VL99-TW changed: [email protected] 20170518 remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. source: TWNIC
- references
- https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 4 months ago
Appeared in 9 threat reports