IPMediumSignal 56/100
89.248.165.203
Location
NetherlandsAmsterdam, North Holland
ASN
AS202425
Quasi Networks LTD.
First Seen
Mar 17, 2021
Last Seen
Jun 7, 2026
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryNetherlands
NetherlandsRegionAmsterdam, North Holland
ASNAS202425
OrganizationQuasi Networks LTD.
Feed Intelligence Summary
24 reports56% confidence
24
Source reports
56%
Confidence score
Category tags
abuseaccess controlaccount compromiseaccount discoveryaccount securityactive scanactive scanningadminadministrative accessaerospace & defenseapacheapache attackeraptattackauthentication attemptsbad reputationbad web botbankingbeningbening scannerbotnetbotnet activitybrute forcebrute force attackbrute-forcebruteforcecloud infrastructurecloud infrastructure attackcloud servicescommand and controlcommunication protocolcommunication technologiesconnect scanconsumer goodscredential accesscredential stuffingcredential theftcredit card servicesdata exfiltrationdata store exposuredatabase securityddosddos attackddos attacksdecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedigital oceandistributed attacksenumerationenumeration attempteuropeexploitation activityexploited hostexternal scanfin port scanfin scanfinancefinancial servicesfinancial technologyfirewall detectionfirewall detection probefraudftp brute forceftp brute-forcehackinghttp brute forceidentity & access exploitationids evasioninbound scanindicatorinformation technologyinitial accessinjection activityinjection attacksinternet of thingsintrusion detectioniot botnetiot securityiot targetediot/ics attackipqsit infrastructuremalicious activitymalicious ipmalicious softwaremalwaremassive port scanmediamilitary operationsmiraimirai botnetmobile carriersmobile networksnational securitynetherlandsnetworknetwork activitynetwork attacksnetwork discoverynetwork enumerationnetwork mappingnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork service scanningnlnull port scannull scanopen port detectionoperating systemoperating system securityos fingerprintingos fingerprinting attemptpassword attackspassword crackingpayment processingphishingping of deathportscanpossible reconnaissancepotential intrusion attemptpotential vulnerability exploitationpotential vulnerability probingpotential vulnerability scanprivilege escalationprocess injectionprotocol exploitationransomwarerdpreconnaissancereconnaissance activityrecyber_project-benignremote accessremote servicesresearchedresource hijackingretail tradesansscams & fraudscanscannerscannersscanning activityscripting attackssecurity policyservice detectionservice discoveryservice enumerationservice scanservice version detectionsocial engineeringsoftware developmentspamsql injectionsshssh attackstealth scansuspected malicious activitysyn port scansyn scansystem discoveryt1016t1018t1021t1021.001t1040t1046t1055t1059t1059.001t1059.003t1059.007t1068t1069.001t1071.001t1076t1078t1083t1087t1088t1110t1110.001t1110.002t1110.003t1110.004t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566t1567.001t1589.001t1589.002t1595t1595.001t1595.002t1595.003targeting databasetcptcp protocoltelecom servicestelecommunicationstelnet threatthreat actorthreat intelligencethreat preventiontor nodetsecudp port scanunauthorized accessverified-benignvulnerability scanvultrwealth managementweb app attackweb application attackweb attackweb exploitationweb spamwinwindowsxmas port scanxmas scan
Activity Timeline
Jun 7Jun 7
Threat Activity Heatmap
· Peak: 2026-06-07LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
56
SIGNAL
Signal Score
56%
Confidence
24
Reports
First seenMar 17, 2021
Last seenJun 7, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS202425
OrgQuasi Networks LTD.
Coords52.3676, 4.9041
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
- raw
- inetnum: 89.248.165.0 - 89.248.165.255 netname: NET-2-165 descr: RECYBER PROJECT NETBLOCK remarks: +----------------------------------------------- remarks: | This net-block is not trying to hack you, we are only scanning remarks: | for LEGIT purposes ONLY. This scanning is done by multiple remarks: | security organizations. remarks: | Please use https://www.recyber.net/opt-out remarks: | to have your ip-address and/or netblock/as number white-listed remarks: | and excluded from this project. remarks: | If you have any further questions please contact [email protected] remarks: +----------------------------------------------- country: NL org: ORG-IVI1-RIPE geoloc: 52.370216 4.895168 admin-c: RR13369-RIPE abuse-c: RR13369-RIPE tech-c: RR13369-RIPE status: ASSIGNED PA mnt-by: IPV mnt-lower: IPV mnt-routes: IPV created: 2019-02-03T20:52:14Z last-modified: 2021-11-29T16:03:44Z source: RIPE organisation: ORG-IVI1-RIPE org-name: IP Volume inc country: SC org-type: OTHER address: Seychelles abuse-c: IVNO1-RIPE mnt-ref: IPV mnt-by: IPV created: 2018-05-14T11:46:50Z last-modified: 2023-09-08T14:13:20Z source: RIPE # Filtered role: RECYBER ROLE address: 35 Firs Avenue, London, England, N11 3NE abuse-mailbox: [email protected] nic-hdl: RR13369-RIPE mnt-by: IPV created: 2021-01-27T15:12:59Z last-modified: 2021-01-27T15:12:59Z source: RIPE # Filtered route: 89.248.165.0/24 origin: AS202425 remarks: +----------------------------------------------- remarks: | For abuse e-mail [email protected] remarks: | We do not always reply to abuse. remarks: | But we do take care your report is dealt with! remarks: +----------------------------------------------- mnt-by: IPV created: 2019-02-08T15:42:07Z last-modified: 2019-02-08T15:42:07Z source: RIPE
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 5 years ago · Last seen 17 days ago
Appeared in 24 threat reports