IP · Medium · Signal 73/100
45.221.98.91
Location
Taipei, Gauteng
ASN
AS140869
Bluegate Exchange
First Seen
Dec 19, 2024
Last Seen
Feb 12, 2026
Dec 19
First Seen
542d ago
Feb 12
Last Seen
122d ago
11
Reports
source reports
73%
Confidence
medium
15/91
VirusTotal
detections
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Network Information
Country
Taiwan, Province of China
Region: Taipei, Gauteng
ASN: AS140869
Organization: Bluegate Exchange
Feed Intelligence Summary
11 reports · 73% confidence
11
Source reports
73%
Confidence score
Category tags
active scan, active scanning, africa, botnet, botnet activity, c2, cobaltstrike, command & control, command and control, data exfiltration, data store exposure, distributed attacks, exploitation activity, indicator, injection activity, malicious software, malware, network, process injection, ransomware, reconnaissance, researched, scanner, shellcode, south africa, t1055, t1071.001, t1486, t1496, t1499.002, t1499.003, t1565, t1595.001, t1595.002, t1595.003, threat actor, za
Activity Timeline
Feb 12
Threat Activity Heatmap
Peak: 2026-02-12
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Intelligence Summary (AI Generated)
This Indicator of Compromise (IOC), an IPv4 address, represents a significant and immediate threat to organizational security, warranting urgent attention. With a high severity score, it is strongly associated with malicious infrastructure, likely serving as a Command and Control (C2) server or a host for malware distribution. Evidence includes its listing on numerous reputable threat intelligence feeds, including those tracking C2 operations and Cobalt Strike activity. Potential impacts from in…
Threat Score: High Risk
73
SIGNAL
Signal Score
73%
Confidence
11
Reports
First seen: Dec 19, 2024
Last seen: Feb 12, 2026
Geolocation: TW
Country: Taiwan, Province of China
Location: Taipei, Gauteng
ASN: AS140869
Org: Bluegate Exchange
Coords: -26.0286, 28.0024
WHOIS
- raw
inetnum: 45.221.96.0 - 45.221.111.255
netname: TelecomSA
descr: Telkom SA LTD.
country: TW
org: ORG-BE1-AFRINIC
admin-c: PB455-AFRINIC
admin-c: JS41-AFRINIC
tech-c: PB455-AFRINIC
tech-c: JS41-AFRINIC
status: ASSIGNED PA
remarks: https://geofeed.sunhosting.com/geofeed.txt
mnt-by: BE1-MNT
mnt-lower: BE1-MNT
mnt-domains: BE1-MNT
mnt-domains: GENERATED-ANC2BJTSXP2JV1VIPTCPABP8PO8WZ5YB-MNT
source: AFRINIC # Filtered
parent: 45.221.96.0 - 45.221.127.255

organisation: ORG-BE1-AFRINIC
org-name: BLUEGATE EXCHANGE
org-type: LIR
country: ZA
address: 39A Kingfisher Drive, Fourways, Gauteng
address: Johannesburg (2055)
phone: tel:+27-10-594-1346
admin-c: BI8-AFRINIC
admin-c: JS41-AFRINIC
tech-c: BI8-AFRINIC
tech-c: JS41-AFRINIC
mnt-ref: AFRINIC-HM-MNT
mnt-ref: BE1-MNT
mnt-by: AFRINIC-HM-MNT
source: AFRINIC # Filtered

person: John Sheppard
nic-hdl: JS41-AFRINIC
address: 39A Kingfisher Drive, Fourways, Guateng
address: Johannesburg (2055)
address: South Africa
address: Johannesburg
address: South Africa
phone: tel:+27-10-594-1346
mnt-by: GENERATED-YRB9KS92LILAOY6TQY80GDAY7LWLN67N-MNT
source: AFRINIC # Filtered

person: Pieter Bezuidenhout
address: Telkom SA Ltd
address: PO Box 2753
address: Pretoria
address: Gauteng
address: 0001
address: ZA
phone: tel:+1-111-111-1111
fax-no: tel:+27-21-311-1111
nic-hdl: PB455-AFRINIC
remarks: Abuse complaints can be directed to [email protected]
remarks: DNS Issues can be directed to [email protected]. Alex, can you see this
abuse-mailbox: [email protected]
mnt-by: GENERATED-VBGUTFTPI6D5BTFKNJLKEZOJLKKWX2IX-MNT
source: AFRINIC # Filtered
IOC Journey
medium · First detected 1 year ago · Last seen 4 months ago
Appeared in 11 threat reports