IOC Radar
IPLowSignal 40/100

60.250.218.20

Location
Taiwan, Province of ChinaTaiwan, Province of China
Yilan, NAN
ASN
AS3462
Chunghwa Telecom Co. Ltd.
First Seen
Sep 5, 2022
Last Seen
May 31, 2026
Sep 5
First Seen
1384d ago
May 31
Last Seen
20d ago
10
Reports
source reports
40%
Confidence
low
0/91
VirusTotal
detections
Found in 10 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
40%
Signal Score
40 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

37 techniques

Network Information

CountryTWTaiwan, Province of China
RegionYilan, NAN
ASNAS3462
OrganizationChunghwa Telecom Co. Ltd.

Feed Intelligence Summary

10 reports40% confidence
10
Source reports
40%
Confidence score
Category tags
access controlactive scanactive scanningasiaaustraliaauto-generated securitybotnetbotnet activitybrute forcebrute force attackbrute-forcecommand and controlcommunication protocolcowrie honeypotcredential accesscredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase securityddosddos attackddos attacksdecoy systemdenial of servicedionaea honeypotdistributed attacksencryptionexploitexploitation activityexploited hostfattftpftp brute forcehackinghoneytrap honeypothttp brute forcehttp scanneridentity & access exploitationindicatorinitial accessinjection activityinjection attacksinternet of thingsintrusion detectioniociot botnetiot securityiot targetediot/ics attackkazakhstankaznetlateral movementmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemirai botnetmssqlnetworknetwork attacksnetwork probingnetwork protocolnetwork scanningnetwork securitynetwork traffic analysisoceaniap0fpassword attacksphishingphishing attackphishing trappossible botnet activitypossible reconnaissance activityprocess injectionprotocol exploitationreconnaissanceremote accessremote servicesresearchedresource hijackingscanscannerscanning activitysecurity policysensor-taggedsentrypeer botnetsmtpsmtp brute forcesql injectionssh attackssh monitoringt1018t1021t1021.001t1021.002t1040t1046t1053t1055t1059t1059.003t1059.004t1071.001t1076t1077t1078t1083t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566t1583t1583.001t1583.002t1595t1595.001t1595.002t1595.003taiwantaiwan, province of chinatannertargeting databasetcp protocoltelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpottwunauthorized access attemptvoip attackvulnerability scanweb traffic

Activity Timeline

1 total obs
May 31May 31

Threat Activity Heatmap

· Peak: 2026-05-31
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
40
SIGNAL
Signal Score
40%
Confidence
10
Reports
First seenSep 5, 2022
Last seenMay 31, 2026
GeolocationTW
CountryTaiwan, Province of China
LocationYilan, NAN
ASNAS3462
OrgChunghwa Telecom Co. Ltd.
Coords23.9103, 121.0446

VirusTotal

0/ 91vendors flagged
0% detection rateJun 8, 2026

WHOIS

description
Scans hitting the server at TCP port 445 SMB. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 60.250.0.0 - 60.251.255.255 netname: HINET-NET descr: Data Communication Business Group, descr: Chunghwa Telecom Co.,Ltd. descr: No.21, Sec.1, Xinyi Rd., Taipei City descr: 10048, Taiwan country: TW admin-c: HN27-AP tech-c: HN27-AP abuse-c: AT939-AP status: ALLOCATED PORTABLE mnt-by: MAINT-TW-TWNIC mnt-irt: IRT-TWNIC-AP last-modified: 2021-11-04T00:50:07Z source: APNIC irt: IRT-TWNIC-AP address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan e-mail: [email protected] abuse-mailbox: [email protected] admin-c: TWA2-AP tech-c: TWA2-AP auth: # Filtered remarks: Please note that TWNIC is not an ISP and is not empowered remarks: to investigate complaints of network abuse. mnt-by: MAINT-TW-TWNIC last-modified: 2025-02-06T07:04:21Z source: APNIC role: ABUSE TWNICAP country: ZZ address: 3F., No. 123, Sec. 4, Bade Rd., Songshan Dist., Taipei 105, Taiwan phone: +000000000 e-mail: [email protected] admin-c: TWA2-AP tech-c: TWA2-AP nic-hdl: AT939-AP remarks: Generated from irt object IRT-TWNIC-AP abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-02-06T07:04:52Z source: APNIC person: HINET Network-Adm address: CHTD, Chunghwa Telecom Co., Ltd. address: No. 21, Sec. 21, Hsin-Yi Rd., address: Taipei Taiwan 100 country: TW phone: +886 2 2322 3495 phone: +886 2 2322 3442 phone: +886 2 2344 3007 fax-no: +886 2 2344 2513 fax-no: +886 2 2395 5671 e-mail: [email protected] nic-hdl: HN27-AP remarks: same as TWNIC nic-handle HN184-TW mnt-by: MAINT-TW-TWNIC last-modified: 2011-08-22T06:04:01Z source: APNIC inetnum: 60.250.218.0 - 60.250.218.255 netname: HINET-NET descr: Chunghwa Telecom Co.,Ltd. descr: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C. descr: Taipei Taiwan country: TW admin-c: HN184-TW tech-c: HN184-TW mnt-by: MAINT-TW-TWNIC remarks: This information has been partially mirrored by APNIC from remarks: TWNIC. To obtain more specific information, please use the remarks: TWNIC whois server at whois.twnic.net. changed: [email protected] 20060731 status: ASSIGNED NON-PORTABLE source: TWNIC person: HINET Network-Adm address: Changhua Telecom Co., Ltd. address: No. 21, Sec. 21, Hsin-Yi Rd. address: Taipei Taiwan country: TW phone: +886-2-2322-3495 fax-no: +886-2-2344-2513 e-mail: [email protected] nic-hdl: HN184-TW changed: [email protected] 20130307 source: TWNIC
references
https://threats.kz

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

low
First detected 3 years ago · Last seen 20 days ago
Appeared in 10 threat reports