IP Risk Score: 90 / 100

This IP is considered potentially malicious and poses a serious security threat. Activity from this IP is consistent with active and malicious behavior. This assessment is backed by strong and consistent detection signals. The IP represents a severe and confirmed security risk. Immediate blocking or mitigation is strongly recommended.

Protect your system

What is this IP address?

IP Address: 138.199.21.236

Country: Japan flag

Japan (JP)

Region Name: Tokyo (13)

City: Tokyo

ISP: Datacamp Limited

Organization: Cdnext TYO

Threat level: 90 / 100
Conf. level: 100 / 100

Properties

ASN: AS212238

AS Name: Datacamp Limited

Timezone: Asia/Tokyo

Reverse DNS: unn-138-199-21-236.datapacket.com

Status: Critical

Hosting

Proxy

Observed Client Profile

OS: Windows (100%)
Device Type: Desktop (100%)
Browser Family: Chrome (100%)
Rendering Engine: Gecko (100%)

Behavioral Indicators

The IP exhibits suspicious behavior with repeated access to admin paths resulting in 403 responses, indicating potential probing or scraping activity. The traffic is automated, originating from a known hosting provider, and lacks JavaScript support, further raising concerns about its intent.

The supernet (138.199.0.0/16), which this IP belongs to, exhibits suspicious behavior characterized by repetitive, low-interaction visits across multiple IPs, with a high incidence of 403 and honeypot hits. The use of identical user agents and a lack of forward DNS matches suggest potential automated scraping or bot activity, raising concerns about coordinated stealth automation and analytics pollution.

📡

Scanner

JavaScript Support

⚠️ No

User-Agent Samples

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36

Integrate IPIntel into your system

IP Location

Region: Tokyo, Japan

City: Tokyo

Local time: 2026-06-22 21:25:58

Subnet
138.199.21.0/24
Supernet
138.199.0.0/16