IPMediumSignal 69/100
103.163.220.17
Location
NetherlandsTokyo, Tokyo
ASN
AS206092
XS Usenet
First Seen
Jun 26, 2023
Last Seen
May 27, 2026
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryNetherlands
NetherlandsRegionTokyo, Tokyo
ASNAS206092
OrganizationXS Usenet
IP Category
⊕
VPN
VPN exit node
Feed Intelligence Summary
13 reports69% confidence
13
Source reports
69%
Confidence score
Category tags
abuseactive scanactive scanningactive-attackaptasiabad reputationbad web botbothammerbotnet activitybrute forcebrute force attackbrute-forcecredential accesscredential stuffingctacyberattackdaily-threat-feedddosddos attackdenial of servicedenial-of-serviceeuropeexploitation activityexploited hosthackingidentity & access exploitationinformation technologyit infrastructurejapanjpmalwarenetherlandsnetworknlpassword attacksproxyrealtime-wafreconnaissanceresearchedscannersiemsoftware developmentspamsshssh attackt1078t1078.004t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1499.001t1595.001t1595.002t1595.003threat actorvpnweb app attackweb application attackweb exploitationweb spam
Activity Timeline
May 27May 27
Threat Activity Heatmap
· Peak: 2026-05-27LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
13
Reports
First seenJun 26, 2023
Last seenMay 27, 2026
GeolocationNL
CountryNetherlands
LocationTokyo, Tokyo
ASNAS206092
OrgXS Usenet
Coords35.6895, 139.6923
VPN
VirusTotal
Not checked
WHOIS
- description
- Detected by Bothammer as actively attacking a WordPress site
- raw
- inetnum: 103.163.220.0 - 103.163.221.255 netname: XSUSENETBV-AP descr: XS Usenet country: NL org: ORG-XU1-AP admin-c: XUBA1-AP tech-c: XUBA1-AP abuse-c: AX191-AP status: ASSIGNED PORTABLE remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- remarks: Geofeed https://prefixx.net/geofeed.csv mnt-by: APNIC-HM mnt-routes: MAINT-XSUSENETBV-AP mnt-irt: IRT-XSUSENETBV-AP last-modified: 2023-05-08T10:07:43Z source: APNIC irt: IRT-XSUSENETBV-AP address: Moezel 3, 2491 CV The Hague, The Netherlands e-mail: [email protected] abuse-mailbox: [email protected] admin-c: XUBA1-AP tech-c: VCN1-AP auth: # Filtered remarks: [email protected] is invalid mnt-by: MAINT-XSUSENETBV-AP last-modified: 2025-12-09T00:05:13Z source: APNIC organisation: ORG-XU1-AP org-name: XS Usenet org-type: LIR country: NL address: Jan Pietersz. Coenstraat 7 phone: +318553015703 e-mail: [email protected] mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2023-09-05T02:18:27Z source: APNIC role: ABUSE XSUSENETBVAP country: ZZ address: Moezel 3, 2491 CV The Hague, The Netherlands phone: +000000000 e-mail: [email protected] admin-c: XUBA1-AP tech-c: VCN1-AP nic-hdl: AX191-AP remarks: Generated from irt object IRT-XSUSENETBV-AP remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-12-09T00:05:27Z source: APNIC role: XS Usenet BV administrator address: Jan Pietersz. Coenstraat 7, Den Haag Nederland 2595 WP country: NL phone: +318553015703 e-mail: [email protected] admin-c: XUBA1-AP tech-c: XUBA1-AP nic-hdl: XUBA1-AP mnt-by: MAINT-XSUSENETBV-AP last-modified: 2021-03-04T01:30:27Z source: APNIC route: 103.163.220.0/24 origin: AS206092 descr: XS Usenet B.V. Jan Pietersz. Coenstraat 7 mnt-by: MAINT-XSUSENETBV-AP last-modified: 2021-12-17T19:24:08Z source: APNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 years ago · Last seen 20 days ago
Appeared in 13 threat reports