IPMediumSignal 63/100

`141.98.80.111`

Location

Netherlands

Amsterdam, North Holland

ASN

AS43350

Cloud CDN

First Seen

Oct 7, 2020

Last Seen

Jun 5, 2026

Oct 7

First Seen

2075d ago

Jun 5

Last Seen

9d ago

Reports

source reports

63%

Confidence

medium

Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

63%

Signal Score

63 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

44 techniques

Network Information

Country

Netherlands

RegionAmsterdam, North Holland

ASNAS43350

OrganizationCloud CDN

IP Category

⟲

Proxy

Proxy server

⊕

VPN

VPN exit node

Feed Intelligence Summary

20 reports63% confidence

Source reports

63%

Confidence score

Category tags

abuseaccess controlactive scanactive scanningadbhoney honeypotattackattempted initial accessaustraliaautomated attackautomated threatbad reputationbad web botbebelgiumblog spambotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute force attackscisco asacisco asa targetingcisco devicecisco exploitation attemptscommand and controlcommunication protocolcompromised credentialscowrie attackscowrie honeypotcredential accesscredential attackscredential guessingcredential harvestingcredential stuffingcredential-stuffingdata exfiltrationdata store exposuredatabase attackdatabase securityddosddos attackddos reflectiondecoy systemdenial of servicedevice managementdionaea attacksdionaea honeypotelasticpot honeypotelasticsearch monitoringendpoint discoveryenterprise networkingeuropeexploitexploit attemptexploit attemptsexploit-attemptsexploitationexploitation activityexploited hostexternal access attemptsfattftpftp brute forceglobalprotecthackinghoneytrap datahoneytrap honeypothttp brute forcehttp scannerhttp/httpshttp/shttpsidentity & access exploitationinformation technologyinitial access activityinitial access attemptsinjection activityintrusion detectioniot securityipv4it infrastructurelamplamp attacklamp exploitation attemptslamp stack targetinglateral movementlinux systemsmailoney honeypotmalicious activitymalicious activity detectedmalicious emailmalicious softwaremalwaremalware behaviourmalware capturemalware delivery attemptmalware detectionmalware distributionmonthlynetherlandsnetworknetwork devicenetwork infrastructurenetwork intrusion attemptsnetwork intrusionsnetwork probingnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnetwork servicesnetwork traffic analysisnetwork-device-exploitationnloceaniaopen proxyp0fpapalo alto networkspan-ospanamapanos-globalprotectpassword attacksperimeter securityphishingphishing attackphishing trappossible malware distributionpotential compromiseprocess injectionprotocol exploitationproxyransomwarereconnaissanceremote accessremote servicesresearchedresource hijackingrevproxyscannerscanning activityscripting attackssecurity operationssecurity policysensor-taggedsentrypeer botnetsentrypeer detectionserver exploitationserver securityservice scansftp attacksftp attackssip attackssip brute forcesip scanningsmtpsocial engineeringsoftware developmentspamsql injectionssh attackssh monitoringsystem accesst1018t1021t1021.001t1040t1041t1046t1055t1059t1059.003t1059.004t1059.007t1068t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1203t1204.002t1210t1486t1496t1499.001t1499.002t1505.002t1563t1565t1566.001t1566.002t1566.003t1566.004t1589t1590.005t1590.006t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotunauthorized accessunauthorized access attemptunknown threat actorvoipvoip attackvpnvulnerability scanvulnerability-scanningweb applicationweb application attackweb application attacksweb application scanningweb attackweb attacksweb exploitweb exploit attemptweb exploitationweb spamweb trafficweb-exploitweb-exploitation

Activity Timeline

1 total obs

Jun 5Jun 5

Threat Activity Heatmap

· Peak: 2026-06-05

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Threat ScoreMedium Risk

SIGNAL

Signal Score

63%

Confidence

Reports

First seenOct 7, 2020

Last seenJun 5, 2026

GeolocationNL

CountryNetherlands

LocationAmsterdam, North Holland

ASNAS43350

OrgCloud CDN

Coords52.3676, 4.9041

ProxyVPN

VirusTotal

Not checked

WHOIS

raw: Socket not responding: [Errno 111] Connection refused

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

medium

First detected 5 years ago · Last seen 9 days ago

Appeared in 20 threat reports