IOC Radar
IPMediumSignal 47/100

220.135.167.74

Location
Taiwan, Province of ChinaTaiwan, Province of China
Anping District, TNN
ASN
AS3462
Chunghwa Telecom Co. Ltd.
First Seen
Apr 18, 2025
Last Seen
Feb 5, 2026
Apr 18
First Seen
433d ago
Feb 5
Last Seen
140d ago
12
Reports
source reports
47%
Confidence
medium
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
47%
Signal Score
47 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

49 techniques

Network Information

CountryTWTaiwan, Province of China
RegionAnping District, TNN
ASNAS3462
OrganizationChunghwa Telecom Co. Ltd.

Feed Intelligence Summary

12 reports47% confidence
12
Source reports
47%
Confidence score
Category tags
abuseaccess controlactive scanningaptasiaaustraliabotnetbrute forcebrute force attackbrute force attemptbrute force attemptsc2 communicationcommand and controlcommand injectioncommunication protocolcompromised hostcowrie honeypotcredential accesscredential attackcredential stuffingdata encryptiondata exfiltrationddosddos attacksdecoy systemdenial of servicedionaea honeypotdistributed attacksdnseuropeexploitexploit attemptsexploitationexploitation attemptexploited hostfattfinlandfranceftpftp brute forcegermanyhackinghoneynet connecthoneytrap honeypothttp brute forcehttp scannerindicatorinitial accessinternet of thingsinternet-facingintrusion detectioniociot botnetiot targetediot/ics attacklateral movementlogin attemptmailoney honeypotmalicious activitymalicious network activitymalicious softwaremalicious trafficmalwaremalware behaviourmalware capturemalware distributionmalware propagationmalware scanningmirai botnetnetworknetwork attacksnetwork enumerationnetwork intrusionnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnorth americaoceaniap0fpassword attackpassword attacksphishing attackphishing trappolandprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedresource hijackingscanscannerscanning activitysecurity policysensor-taggedsentrypeer botnetsmb brute forcesmtpsmtp brute forcesql injection attemptsssh attackssh monitoringt1018t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1046t1047t1053t1055t1056.001t1059t1059.001t1059.003t1059.004t1068t1071t1071.001t1076t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1210t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566t1571t1588t1592t1595t1595.001t1595.002t1595.003taiwantaiwan, province of chinatannertcp protocoltcp scantelecommunicationstelnet threatthreat detectionthreat intelligencethreat preventiontpotudp scanunauthorized access attemptunited statesvoipvoip attackvulnerability scanweb traffic

Activity Timeline

1 total obs
Feb 5Feb 5

Threat Activity Heatmap

· Peak: 2026-02-05
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
47
SIGNAL
Signal Score
47%
Confidence
12
Reports
First seenApr 18, 2025
Last seenFeb 5, 2026
GeolocationTW
CountryTaiwan, Province of China
LocationAnping District, TNN
ASNAS3462
OrgChunghwa Telecom Co. Ltd.
Coords22.9917, 120.2148

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 220.129.0.0 - 220.143.255.255 netname: HINET-NET descr: CHTD, Chunghwa Telecom Co.,Ltd. descr: Data-Bldg.6F, No.21, Sec.1, Hsin-Yi Rd. descr: Taipei Taiwan 100 country: TW admin-c: HN27-AP tech-c: HN28-AP abuse-c: AT939-AP status: ALLOCATED PORTABLE mnt-by: MAINT-TW-TWNIC mnt-irt: IRT-TWNIC-AP last-modified: 2021-11-04T00:49:10Z source: APNIC irt: IRT-TWNIC-AP address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TWA2-AP tech-c: TWA2-AP auth: # Filtered remarks: Please note that TWNIC is not an ISP and is not empowered remarks: to investigate complaints of network abuse. remarks: [email protected] was validated on 2025-05-23 mnt-by: MAINT-TW-TWNIC last-modified: 2025-09-03T04:09:06Z source: APNIC role: ABUSE TWNICAP country: ZZ address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan phone: +000000000 e-mail: [email protected] admin-c: TWA2-AP tech-c: TWA2-AP nic-hdl: AT939-AP remarks: Generated from irt object IRT-TWNIC-AP remarks: [email protected] was validated on 2025-05-23 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-05-23T00:02:10Z source: APNIC person: HINET Network-Adm address: CHTD, Chunghwa Telecom Co., Ltd. address: No. 21, Sec. 21, Hsin-Yi Rd., address: Taipei Taiwan 100 country: TW phone: +886 2 2322 3495 phone: +886 2 2322 3442 phone: +886 2 2344 3007 fax-no: +886 2 2344 2513 fax-no: +886 2 2395 5671 e-mail: [email protected] nic-hdl: HN27-AP remarks: (hid:HN184-TW) mnt-by: MAINT-TW-TWNIC last-modified: 2025-08-28T07:34:45Z source: APNIC person: HINET Network-Center address: CHTD, Chunghwa Telecom Co., Ltd. address: Data-Bldg. 6F, No. 21, Sec. 21, Hsin-Yi Rd., address: Taipei Taiwan 100 country: TW phone: +886 2 2322 3495 phone: +886 2 2322 3442 phone: +886 2 2344 3007 fax-no: +886 2 2344 2513 fax-no: +886 2 2395 5671 e-mail: [email protected] nic-hdl: HN28-AP remarks: same as TWNIC nic-handle HN185-TW mnt-by: MAINT-TW-TWNIC last-modified: 2008-09-04T07:29:17Z source: APNIC inetnum: 220.135.0.0 - 220.135.255.255 netname: HINET-NET descr: Chunghwa Telecom Co.,Ltd. descr: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C. descr: Taipei Taiwan country: TW admin-c: HN184-TW tech-c: HN184-TW mnt-by: MAINT-TW-TWNIC changed: [email protected] 20030610 status: ASSIGNED NON-PORTABLE remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. source: TWNIC person: HINET Network-Adm address: Changhua Telecom Co., Ltd. address: No. 21, Sec. 21, Hsin-Yi Rd. address: Taipei Taiwan country: TW phone: +886-2-2322-3495 fax-no: +886-2-2344-2513 e-mail: [email protected] nic-hdl: HN184-TW changed: [email protected] 20130307 remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. source: TWNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 12 threat reports