IOC Radar
IP · Medium · Signal 26/100

218.161.97.152

Location: Taiwan, Province of China (Kaohsiung, CYI)
ASN: AS3462 (Chunghwa Telecom Co. Ltd.)
First Seen: Feb 1, 2024 (872d ago)
Last Seen: Apr 7, 2026 (76d ago)
Reports: 8 source reports
Confidence: 26% (medium)
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 26%
Signal Score: 26 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

36 techniques

Network Information

Country: TW (Taiwan, Province of China)
Region: Kaohsiung, CYI
ASN: AS3462
Organization: Chunghwa Telecom Co. Ltd.

Feed Intelligence Summary

Source reports: 8
Confidence score: 26%
Category tags
active scan, active scanning, adbhoney honeypot, asia, attack, botnet, botnet activity, brute force, brute force attack, brute force attacks, brute force attempts, brute_force, cisco device, cisco exploitation attempt, cisco exploitation attempts, command and control, communication protocol, conpot honeypot, cowrie honeypot, credential access, credential harvesting, credential stuffing, cve scan, data exfiltration, data store exposure, database attacks, database exploitation attempt, database security, ddos, ddos attack, decoy system, denial of service, device management, dionaea honeypot, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exploit kit activity, exploitation activity, ftp, ftp brute force, ftp brute-force, ftp_bruteforce, honeytrap honeypot, http brute force, http scanner, http_scan, https, https_scan, ics security, identity & access exploitation, indicator, industrial control systems, initial access, injection activity, injection attacks, iot attacks, iot device targeting, iot security, iot/ics attack, ipphoney honeypot, lamp, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware detection, malware distribution, network, network enumeration, network infrastructure, network intrusion attempts, network scanning, network security, network service scanning, north america, password attacks, phishing, phishing attack, phishing trap, possible botnet activity, possible malware distribution, process injection, protocol exploitation, reconnaissance, redis honeypot, remote access, remote access attempt, remote services, researched, resource hijacking, scanner, scripting attacks, sentrypeer botnet, service scan, sftp access attempts, sftp activity, sftp attack, shell access attempts, sip brute force, sip scanning, social engineering, spam, sql injection attempt, ssh attack, ssh brute-force, ssh monitoring, ssh_bruteforce, t1021, t1021.001, t1040, t1041, t1046, t1055, t1059, t1059.003, t1059.007, t1071.001, t1076, t1078, t1083, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, taiwan, tanner, targeting database, telecommunications, telnet threat, telnet_bruteforce, threat actor, threat detection, threat intelligence, tor node, tw, unauthorized access, unauthorized access attempt, united states, voip, voip attack, vulnerability scan, web application attack, web application attacks, web attack, web exploitation, web shell attempt, web traffic

Activity Timeline

1 total obs (Apr 7)

Threat Activity Heatmap

Peak: 2026-04-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 26
Confidence: 26%
Reports: 8
First seen: Feb 1, 2024
Last seen: Apr 7, 2026
Geolocation: TW
Country: Taiwan, Province of China
Location: Kaohsiung, CYI
ASN: AS3462
Org: Chunghwa Telecom Co. Ltd.
Coords: 23.4815, 120.4498

VirusTotal

Not checked

WHOIS

description
2025-07-05T00:55:09.009Z Honeypot : Heralding : Source: 218.161.97.152 : Username/Password: [user]/ass Port: 1080 Message: 2025-07-05 00:55:09.009089,e40bd4b4-19dd-4af4-9c1d-9ec8a5569d23,40bb089d-6e49-4d1a-95dc-4abb9ab25847,218.161.97.152,39200,99.18.26.19,1080,socks5,[user],ass,
raw
inetnum: 218.160.0.0 - 218.175.255.255
netname: HINET-NET
descr: Data Communication Business Group,
descr: Chunghwa Telecom Co.,Ltd.
descr: No.21, Sec.1, Xinyi Rd., Taipei City
descr: 10048, Taiwan
country: TW
admin-c: HN27-AP
tech-c: HN27-AP
mnt-by: MAINT-TW-TWNIC
mnt-irt: IRT-HINET-AP
status: ALLOCATED PORTABLE
last-modified: 2017-01-20T01:41:38Z
source: APNIC

irt: IRT-HINET-AP
address: Taipei, Taiwan, 100
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: HN27-AP
tech-c: HN27-AP
auth: # Filtered
mnt-by: MAINT-TW-TWNIC
last-modified: 2017-01-20T01:39:18Z
source: APNIC

person: HINET Network-Adm
address: CHTD, Chunghwa Telecom Co., Ltd.
address: No. 21, Sec. 21, Hsin-Yi Rd.,
address: Taipei Taiwan 100
country: TW
phone: +886 2 2322 3495
phone: +886 2 2322 3442
phone: +886 2 2344 3007
fax-no: +886 2 2344 2513
fax-no: +886 2 2395 5671
e-mail: [email protected]
nic-hdl: HN27-AP
remarks: same as TWNIC nic-handle HN184-TW
mnt-by: MAINT-TW-TWNIC
last-modified: 2011-08-22T06:04:01Z
source: APNIC

inetnum: 218.161.0.0 - 218.161.255.255
netname: HINET-NET
descr: Chunghwa Telecom Co.,Ltd.
descr: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C.
descr: Taipei Taiwan
country: TW
admin-c: HN184-TW
tech-c: HN184-TW
mnt-by: MAINT-TW-TWNIC
changed: [email protected] 20011011
status: ASSIGNED NON-PORTABLE
remarks: This information has been partially mirrored by APNIC from
remarks: TWNIC. To obtain more specific information, please use the
remarks: TWNIC whois server at whois.twnic.net.
source: TWNIC

person: HINET Network-Adm
address: Changhua Telecom Co., Ltd.
address: No. 21, Sec. 21, Hsin-Yi Rd.
address: Taipei Taiwan
country: TW
phone: +886-2-2322-3495
fax-no: +886-2-2344-2513
e-mail: [email protected]
nic-hdl: HN184-TW
changed: [email protected] 20130307
remarks: This information has been partially mirrored by APNIC from
remarks: TWNIC. To obtain more specific information, please use the
remarks: TWNIC whois server at whois.twnic.net.
source: TWNIC
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 8 threat reports