IPMediumSignal 73/100
149.22.87.46
Location
JapanTokyo, Tokyo
ASN
AS212238
DataCamp Limited
First Seen
Oct 23, 2024
Last Seen
May 28, 2026
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
73%
Signal Score
73 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryJapan
JapanRegionTokyo, Tokyo
ASNAS212238
OrganizationDataCamp Limited
IP Category
⟲
Proxy
Proxy server
⊕
VPN
VPN exit node
Feed Intelligence Summary
10 reports73% confidence
10
Source reports
73%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiaauthentication attacksauthentication failuresbad web botbotnetbrute forcebrute force attackcommand and controlcredential accesscredential stuffingdata exfiltrationdecoy systemdenial of servicedistributed attackseuropeexploited hostfail2ban eventsfinlandfranceftp brute forcegermanyhoneynet connecthttp brute forceindicatorinformation technologyit infrastructurejapanjplateral movementlogin attemptmalicious softwaremalwarenetworknetwork enumerationnetwork intrusionnetwork scanningnetwork securitynorth americaopen proxypassword attackpassword attackspassword crackingpolandprocess injectionprotocol exploitationproxyreconnaissanceremote accessremote servicesresearchedscannerscanning activitysecurity operationssmb brute forcesmtp brute forcesoftware developmentssh attackt1021t1021.001t1021.002t1021.003t1021.004t1021.005t1040t1046t1055t1059t1059.001t1059.003t1059.004t1068t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1565t1589t1592t1595t1595.001t1595.002t1595.003tcp scantelnet threatthreat intelligenceudp scanunauthorized access attemptunited kingdomunited statesvpnweb application attackweb exploitation
Activity Timeline
May 28May 28
Threat Activity Heatmap
· Peak: 2026-05-28LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
73
SIGNAL
Signal Score
73%
Confidence
10
Reports
First seenOct 23, 2024
Last seenMay 28, 2026
GeolocationJP
CountryJapan
LocationTokyo, Tokyo
ASNAS212238
OrgDataCamp Limited
Coords37.7510, -97.8220
ProxyVPN
VirusTotal
Not checked
WHOIS
- description
- Banned by Fail2Ban [sshd]
- raw
- inetnum: 149.0.0.0 - 149.255.255.255 netname: ERX-NETBLOCK descr: Early registration addresses country: AU admin-c: IANA1-AP tech-c: IANA1-AP abuse-c: AA1452-AP status: ALLOCATED PORTABLE remarks: ------------------------------------------------------ remarks: Important: remarks: remarks: Networks in this range were allocated by InterNIC remarks: prior to the formation of Regional Internet remarks: Registries (RIRs): AfriNIC, APNIC, ARIN, LACNIC and RIPE NCC. remarks: remarks: Address ranges from this historical space have now remarks: been transferred to the appropriate RIR database.remarks: remarks: If your search has returned this record, it means the remarks: address range is not administered by APNIC. remarks: remarks: Instead, please search one of the following databases: remarks: remarks: - AfriNIC (Africa) remarks: website: http://www.afrinic.net/ remarks: command line: whois.afrinic.net remarks: remarks: - ARIN (Northern America) remarks: website: http://www.arin.net/ remarks: command line: whois.arin.net remarks: remarks: - LACNIC (Latin America and the Carribean) remarks: website: http://www.lacnic.net/ remarks: command line: whois.lacnic.net remarks: remarks: - RIPE NCC (Europe) remarks: website: http://www.ripe.net/ remarks: command line: whois.ripe.net remarks: remarks: For information on the Early Registration Transfer remarks: (ERX) project, see: remarks: remarks: http://www.apnic.net/db/erx remarks: remarks: ------------------------------------------------------ mnt-by: APNIC-HM mnt-lower: APNIC-HM mnt-irt: IRT-APNIC-AP last-modified: 2023-04-15T21:11:06Z source: APNIC irt: IRT-APNIC-AP address: Brisbane, Australia e-mail: [email protected] abuse-mailbox: [email protected] admin-c: HM20-AP tech-c: NO4-AP auth: # Filtered remarks: APNIC is a Regional Internet Registry. remarks: We do not operate the referring network and remarks: are unable to investigate complaints of network abuse. remarks: For information about IRT, see www.apnic.net/irt remarks: [email protected] was validated on 2020-02-03 mnt-by: APNIC-HM last-modified: 2023-08-18T00:42:38Z source: APNIC role: ABUSE APNICAP address: Brisbane, Australia country: ZZ phone: +000000000 e-mail: [email protected] admin-c: HM20-AP tech-c: NO4-AP nic-hdl: AA1452-AP remarks: Generated from irt object IRT-APNIC-AP remarks: [email protected] was validated on 2020-02-03 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2023-08-18T19:08:30Z source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP last-modified: 2018-06-22T22:34:30Z source: APNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 17 days ago
Appeared in 10 threat reports