IPMediumSignal 64/100
211.13.137.54
Location
JapanChiyoda City, Chiba
ASN
AS4685
ASAHI
First Seen
May 26, 2025
Last Seen
May 11, 2026
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
64%
Signal Score
64 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryJapan
JapanRegionChiyoda City, Chiba
ASNAS4685
OrganizationASAHI
Feed Intelligence Summary
12 reports64% confidence
12
Source reports
64%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiaattackaustraliaauthentication abuseauthentication attackauthentication attemptauthentication attemptsbad reputationbad web botblog spambotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute force attemptbrute force attemptsbrute-forcec&cc2cisco devicecisco device attackcivil servicescommand & controlcommand and controlcommand injectioncommunication protocolcompromised credentialscompromised host detectioncompromised host targetingcowrie datacowrie honeypotcredential accesscredential attackcredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase attackddosddos attackddos attacksdecoy systemdenial of servicedevice managementdigital oceandionaea honeypotdistributed attacksdnsdns attackencryptionenterprise networkingeuropeexploitexploit public-facing applicationexploitation activityexploitation attemptexploited hostexternal threatfattfileftpftp brute forcegovernment technologyhackinghoneytrap honeypothttp brute forcehttp scanneridentity & access exploitationindicatorinformation technologyinitial accessinjection activityinternet of thingsinternet-facingintrusion detectioniociot botnetiot device targetingiot securityiot targetediot/ics attackipv4ipv4 attacksit infrastructurejapanjplamplateral movementloginlogin attacklogin attemptlondonmailoney honeypotmalicious activitymalicious file transfermalicious ipmalicious sftp activitymalicious softwaremalicious ssh activitymalwaremalware behaviourmalware capturemiraimirai botnetnetworknetwork activitynetwork attacksnetwork infrastructurenetwork intrusionnetwork intrusion attemptnetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scannetwork scanningnetwork securitynetwork service scanningnetwork traffic analysisoceaniap0fpassword attackpassword attacksphishingphishing attackphishing trapping of deathprocess injectionprotocol exploitationpublic administrationpublic infrastructurepublic policyransomwarereconnaissanceregulatory agenciesremote accessremote access attemptremote loginremote servicesresearchedresource hijackingscanscannerscannersscanning activityscripting attackssecurity operationssecurity policysensor-taggedsentrypeer botnetservice scansftp attacksmtpsmtp brute forcesocradar honeypotsoftware developmentspamsshssh attackssh monitoringt-pott1003t1018t1021t1021.001t1021.002t1021.004t1040t1041t1046t1055t1059t1059.007t1071t1071.001t1077t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1204.002t1486t1496t1497t1499.001t1499.002t1499.003t1565t1566.001t1595t1595.001t1595.002t1595.003tannertargeting databasetcptcp protocoltelecommunicationstelnettelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotunauthorized accessunauthorized access attemptsunauthorized loginunited kingdomvoipvoip attackvulnerability scanvulnerability-exploitationweb application attackweb attackweb crawlerweb crawlingweb exploitationweb spamweb traffic
Activity Timeline
May 11May 11
Threat Activity Heatmap
· Peak: 2026-05-11LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
64
SIGNAL
Signal Score
64%
Confidence
12
Reports
First seenMay 26, 2025
Last seenMay 11, 2026
GeolocationJP
CountryJapan
LocationChiyoda City, Chiba
ASNAS4685
OrgASAHI
Coords35.6906, 139.7700
VirusTotal
Not checked
WHOIS
- description
- Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 1 month ago
Appeared in 12 threat reports