IOC Radar
IP · Medium · Signal 33/100

125.229.145.119

Location: Taiwan, Province of China; Taichung, Taichung City
ASN: AS3462 (Chunghwa Telecom Co. Ltd.)
First Seen: Jan 13, 2023 (1248d ago)
Last Seen: Apr 7, 2026 (68d ago)
Reports: 18 source reports
Confidence: 33% (medium)
Found in 18 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 33%
Signal Score: 33 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

31 techniques

Network Information

Country: TW (Taiwan, Province of China)
Region: Taichung, Taichung City
ASN: AS3462
Organization: Chunghwa Telecom Co. Ltd.

Feed Intelligence Summary

Source reports: 18
Confidence score: 33%
Category tags
abuse; access control; active scan; active scanning; asia; attack; auto-generated security; bad reputation; botnet; botnet activity; brute force; brute force attack; brute force attempt; cisco device; command and control; communication protocol; cowrie honeypot; credential access; credential harvesting; credential stuffing; cta; data exfiltration; data store exposure; ddos; ddos attacks; decoy system; device management; distributed attacks; enterprise networking; exploitation activity; honeytrap honeypot; identity & access exploitation; indicator; infrastructure acquisitionreconnaissance; injection activity; internet of things; intrusion detection; ioc; iot botnet; iot security; iot/ics attack; lamp; login; malicious activity; malicious ip; malicious network activity; malicious software; malware; manual; mirai; mirai botnet; network; network attacks; network infrastructure; network intrusion; network probing; network scanning; network security; network service scanning; password attacks; phishing; phishing attack; process injection; protocol exploitation; reconnaissance; researched; scan; scanner; security policy; service scan; sftp attack; social engineering; ssh attack; ssh monitoring; surface web; t1021.002; t1040; t1041; t1046; t1055; t1056.001; t1059.001; t1071.001; t1078; t1110; t1110.001; t1110.002; t1110.003; t1110.004; t1133; t1190; t1486; t1496; t1499.001; t1499.002; t1499.003; t1565; t1566.001; t1566.002; t1566.003; t1587.001; t1590.001; t1595; t1595.001; t1595.002; t1595.003; taiwan; taiwan, province of china; tcp; tcp protocol; telecommunications; telnet; telnet threat; threat actor; threat detection; threat intelligence; threat prevention; tor node; tw

Activity Timeline

1 total obs (Apr 7)

Threat Activity Heatmap

Peak: 2026-04-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 33
Confidence: 33%
Reports: 18
First seen: Jan 13, 2023
Last seen: Apr 7, 2026
Geolocation: TW
Country: Taiwan, Province of China
Location: Taichung, Taichung City
ASN: AS3462
Org: Chunghwa Telecom Co. Ltd.
Coords: 23.5000, 121.0000

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 125.224.0.0 - 125.231.255.255
netname: HINET-NET
descr: Data Communication Business Group,
descr: Chunghwa Telecom Co.,Ltd.
descr: No.21, Sec.1, Xinyi Rd., Taipei City
descr: 10048, Taiwan
country: TW
admin-c: HN27-AP
tech-c: HN27-AP
abuse-c: AT939-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-TW-TWNIC
mnt-irt: IRT-TWNIC-AP
last-modified: 2021-11-04T00:49:03Z
source: APNIC

irt: IRT-TWNIC-AP
address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: TWA2-AP
tech-c: TWA2-AP
auth: # Filtered
remarks: Please note that TWNIC is not an ISP and is not empowered
remarks: to investigate complaints of network abuse.
remarks: [email protected] is invalid
mnt-by: MAINT-TW-TWNIC
last-modified: 2025-02-21T07:05:51Z
source: APNIC

role: ABUSE TWNICAP
country: ZZ
address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan
phone: +000000000
e-mail: [email protected]
admin-c: TWA2-AP
tech-c: TWA2-AP
nic-hdl: AT939-AP
remarks: Generated from irt object IRT-TWNIC-AP
remarks: [email protected] is invalid
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-02-21T07:06:08Z
source: APNIC

person: HINET Network-Adm
address: CHTD, Chunghwa Telecom Co., Ltd.
address: No. 21, Sec. 21, Hsin-Yi Rd.,
address: Taipei Taiwan 100
country: TW
phone: +886 2 2322 3495
phone: +886 2 2322 3442
phone: +886 2 2344 3007
fax-no: +886 2 2344 2513
fax-no: +886 2 2395 5671
e-mail: [email protected]
nic-hdl: HN27-AP
remarks: same as TWNIC nic-handle HN184-TW
mnt-by: MAINT-TW-TWNIC
last-modified: 2011-08-22T06:04:01Z
source: APNIC

inetnum: 125.229.0.0 - 125.229.255.255
netname: HINET-NET
descr: Chunghwa Telecom Co.,Ltd.
descr: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C.
descr: Taipei Taiwan
country: TW
admin-c: HN184-TW
tech-c: HN184-TW
mnt-by: MAINT-TW-TWNIC
remarks: This information has been partially mirrored by APNIC from
remarks: TWNIC. To obtain more specific information, please use the
remarks: TWNIC whois server at whois.twnic.net.
changed: [email protected] 20051020
status: ASSIGNED NON-PORTABLE
source: TWNIC

person: HINET Network-Adm
address: Changhua Telecom Co., Ltd.
address: No. 21, Sec. 21, Hsin-Yi Rd.
address: Taipei Taiwan
country: TW
phone: +886-2-2322-3495
fax-no: +886-2-2344-2513
e-mail: [email protected]
nic-hdl: HN184-TW
changed: [email protected] 20130307
source: TWNIC
references
https://github.com/telekom-security/tpotce, https://purplesynapz.com/


IOC Journey

medium
First detected 3 years ago · Last seen 2 months ago
Appeared in 18 threat reports