IOC Radar
IP · Medium · Signal 33/100

101.128.180.240

Location
Japan
Chiyoda City, 07
ASN
AS2497
Internet Initiative Japan Inc.
First Seen
Feb 5, 2025
Last Seen
Apr 5, 2026
First Seen: Feb 5 (494d ago)
Last Seen: Apr 5 (69d ago)
Reports: 11 source reports
Confidence: 33% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
33%
Signal Score
33 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

30 techniques

Network Information

Country: JP (Japan)
Region: Chiyoda City, 07
ASN: AS2497
Organization: Internet Initiative Japan Inc.

Feed Intelligence Summary

Source reports: 11
Confidence score: 33%
Category tags
abuse, access, active scan, active scanning, asia, attack, bad reputation, botnet, botnet activity, brute force, command and control, communication protocol, connect, cowrie, cowrie honeypot, credential access, credential harvesting, credential stuffing, cta, data exfiltration, data store exposure, decoy system, dionaea, dionaea honeypot, distributed attacks, email, exploitation activity, ftp brute force, groups, honeytrap honeypot, identity & access exploitation, indicator, injection activity, japan, jp, lamp, lamp exploitation attempts, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, network, network scanning, network security, north america, phishing, phishing attack, phishing trap, potential malware distribution, process injection, protocol exploitation, reconnaissance, researched, resource hijacking, scanner, script, sentrypeer botnet, sftp, sftp attack, sip, sip brute force, sip scanning, slug, smtp brute force, social engineering, ssh, ssh attack, ssh monitoring, surface web, t1016, t1018, t1021, t1040, t1041, t1046, t1053, t1055, t1059, t1071.001, t1078, t1110, t1110.002, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1588, t1595, t1595.001, t1595.002, t1595.003, tcp, telecommunications, telnet threat, threat actor, threat detection, threat intelligence, tor node, united states, voip, voip attack

Activity Timeline

1 total obs (Apr 5)

Threat Activity Heatmap

Peak: 2026-04-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 33
Confidence: 33%
Reports: 11
First seen: Feb 5, 2025
Last seen: Apr 5, 2026
Geolocation: JP
Country: Japan
Location: Chiyoda City, 07
ASN: AS2497
Org: Internet Initiative Japan Inc.
Coords: 37.7496, 140.4695

VirusTotal

Not checked

WHOIS

description
2025-02-11T10:03:57.631Z Honeypot : Dionaea : Source: 101.128.180.240 : Port: 1433 Connection: {'transport': 'tcp', 'type': 'accept', 'protocol': 'mssqld'}
raw
inetnum: 101.128.128.0 - 101.128.255.255
netname: IIJ
descr: Internet Initiative Japan Inc.
descr: Iidabashi Grand Bloom,
descr: 2-10-2 Fujimi, Chiyoda-ku,
descr: Tokyo, 102-0071 Japan
country: JP
admin-c: JNIC1-AP
tech-c: JNIC1-AP
status: ALLOCATED PORTABLE
remarks: Email address for spam or abuse complaints : [email protected]
mnt-irt: IRT-JPNIC-JP
mnt-by: MAINT-JPNIC
mnt-lower: MAINT-JPNIC
last-modified: 2014-07-31T09:18:02Z
source: APNIC
irt: IRT-JPNIC-JP
address: Uchikanda OS Bldg 4F, 2-12-6 Uchi-Kanda
address: Chiyoda-ku, Tokyo 101-0047, japan
e-mail: [email protected]
abuse-mailbox: [email protected]
phone: +81-3-5297-2311
fax-no: +81-3-5297-2312
admin-c: JNIC1-AP
tech-c: JNIC1-AP
auth: # Filtered
remarks: [email protected] was validated on 2024-11-27
mnt-by: MAINT-JPNIC
last-modified: 2025-09-04T01:00:00Z
source: APNIC
role: Japan Network Information Center
address: Uchikanda OS Bldg 4F, 2-12-6 Uchi-Kanda
address: Chiyoda-ku, Tokyo 101-0047, Japan
country: JP
phone: +81-3-5297-2311
fax-no: +81-3-5297-2312
e-mail: [email protected]
admin-c: JI13-AP
tech-c: JE53-AP
nic-hdl: JNIC1-AP
mnt-by: MAINT-JPNIC
last-modified: 2022-01-05T03:04:02Z
source: APNIC
inetnum: 101.128.128.0 - 101.128.255.255
netname: IIJ-CIDR-BLK-JP
descr: Internet Initiative Japan Inc.
remarks: Email address for spam or abuse complaints : [email protected]
country: JP
admin-c: JP00010080
tech-c: JP00010080
last-modified: 2014-08-01T02:10:24Z
remarks: This information has been partially mirrored by APNIC from
remarks: JPNIC. To obtain more specific information, please use the
remarks: JPNIC WHOIS Gateway at
remarks: http://www.nic.ad.jp/en/db/whois/en-gateway.html or
remarks: whois.nic.ad.jp for WHOIS client. (The WHOIS client
remarks: defaults to Japanese output, use the /e switch for English
remarks: output)
source: JPNIC
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 11 threat reports