IOC Radar
IPMediumSignal 51/100

109.248.149.107

Location
LatviaLatvia
Riga, RIX
ASN
AS52048
Dataclub S.A
First Seen
Oct 18, 2025
Last Seen
May 27, 2026
Oct 18
First Seen
239d ago
May 27
Last Seen
17d ago
8
Reports
source reports
51%
Confidence
medium
1/91
VirusTotal
detections
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Network Information

CountryLVLatvia
RegionRiga, RIX
ASNAS52048
OrganizationDataclub S.A

IP Category

VPN
VPN exit node

Feed Intelligence Summary

8 reports51% confidence
8
Source reports
51%
Confidence score
Category tags
abuseactive scanactive scanningbad reputationbad web botblocklistbotnet activitybrute forcebrute force attackbrute-forcecredential accesscredential stuffingddosddos attackdenial of serviceeuropeexploitation activityhackingidentity & access exploitationinformation technologyit infrastructurelatvialvnetworkpassword attacksping of deathproxyreconnaissanceresearchedscannersoftware developmentt1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003vpnweb app attackweb application attackweb exploitation

Activity Timeline

1 total obs
May 27May 27

Threat Activity Heatmap

· Peak: 2026-05-27
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
8
Reports
First seenOct 18, 2025
Last seenMay 27, 2026
GeolocationLV
CountryLatvia
LocationRiga, RIX
ASNAS52048
OrgDataclub S.A
Coords56.9496, 24.0978
VPN

VirusTotal

1/ 91vendors flagged
1% detection rateJun 5, 2026

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 109.248.147.0 - 109.248.149.255 netname: DATACLUB-LV org: ORG-SD330-RIPE country: LV admin-c: SAR195-RIPE tech-c: SAR195-RIPE status: ASSIGNED PA mnt-by: MNT-NETART mnt-routes: DATACLUB-MNT mnt-routes: lir-lv-siadc-1-MNT mnt-domains: DATACLUB-MNT created: 2018-05-05T12:50:42Z last-modified: 2024-11-14T16:49:22Z source: RIPE organisation: ORG-SD330-RIPE org-name: SIA RixHost country: LV org-type: LIR address: Elijas iela 21 address: LV1050 address: Riga address: LATVIA phone: +371 60 007 798 admin-c: SAR195-RIPE tech-c: SAR195-RIPE abuse-c: AR72696-RIPE mnt-ref: lir-lv-siadc-1-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: lir-lv-siadc-1-MNT created: 2023-10-02T08:01:53Z last-modified: 2024-12-10T10:00:16Z source: RIPE # Filtered role: SIA RIXHOST address: LATVIA address: Riga address: LV-1003 address: Kraslavas iela 14 - 2 phone: +371 60 007 798 nic-hdl: SAR195-RIPE mnt-by: lir-lv-siadc-1-MNT created: 2023-10-02T08:01:52Z last-modified: 2024-12-09T10:55:08Z source: RIPE # Filtered route: 109.248.149.0/24 descr: DATACLUB S.A. origin: AS52048 mnt-by: DATACLUB-MNT created: 2018-07-17T19:32:14Z last-modified: 2018-07-17T19:32:14Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 7 months ago · Last seen 17 days ago
Appeared in 8 threat reports