IOC Radar
IPMediumSignal 37/100

146.103.121.226

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS216071
Servers Tech Fzco
First Seen
Dec 24, 2025
Last Seen
May 20, 2026
Dec 24
First Seen
185d ago
May 20
Last Seen
38d ago
7
Reports
source reports
37%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
37%
Signal Score
37 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

48 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS216071
OrganizationServers Tech Fzco

IP Category

Proxy
Proxy server

Feed Intelligence Summary

7 reports37% confidence
7
Source reports
37%
Confidence score
Category tags
abuse.ch threatfoxabusech-threatfox-c2cabuseipdbactive scanactive scanningaisuruaptauto-generatedauto-updatedautomated-huntazurebad reputationbeelinebelgiumblocked-ipsbrand weaponizationbrute forcec2c2 infrastructurec2 panelc2-communicationc2-infrastructurecensyscloud infrastructurecobalt strikecobalt-strikecobaltstrikecommand & controlcommand and controlcommand-and-controlcommand-executioncredential harvestingcredential stuffingcryptocurrencycryptocurrency threatscryptojackingcyber threatsdata exfiltrationdata store exposuredynamic-linkingelectronic health recordsencryptioneuropeeurope/asiaexploitationexploitation activityfinancefinancial servicesgithubhealth care and social assistancehealth information technologyhealthcare information systemshigh bde scorehospital managementhosting iphttpsidentity & access exploitationindicatorinformation technologyinfostealerinfrastructure acquisitionreconnaissanceinjection activityiocisp-reputationit infrastructurelummastealermalicious ip activitymalicious softwaremalwaremalware analysismalware campaign activitymalware campaign detectionmedical servicesmetasploitmeterpretermeterpreter activity detectedmitre-attacknetherlandsnetsupportmanagernetworknetwork probingnlosintosint-volleypatient carepattern-32pattern-38pattern-49payloadpentest-toolphishingphishing attackpost-exploitationprocess injectionprocess-injectionproxyproxyamransomwareratrat-activityreconnaissanceredlinereflective-dll-injectionremote access toolsremote-accessresearchedresidential proxyresource hijackingrussiascams & fraudsecurity operationsself-signed certificateself-signed certificatessocial engineeringsoftware developmentsslssl certificatesssl-enrichmentssl/tls enrichmentstagerstealcstixstix 2.1stix-2.1supply chain attacksupply-chaint1003t1005t1016t1016.001t1027t1036.006t1041t1055t1055.001t1059t1059.001t1071t1071.001t1078t1090t1102t1105t1110t1113t1125t1140t1189t1195.002t1204t1204.002t1210t1486t1496t1499.001t1528t1547.001t1555.003t1565t1566t1566.001t1566.002t1566.003t1569.002t1573t1583.006t1585t1586t1587.001t1590.001t1595t1595.001t1595.002t1595.003team cymrutechnology llcthreat actorthreat intelligencethreat intelligence feedthreat-feedthreat-intelligencethreatfox apitor nodeunknown malwareunknown-malwarevdsinavimpelcomwiki

Activity Timeline

1 total obs
May 20May 20

Threat Activity Heatmap

· Peak: 2026-05-20
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
37
SIGNAL
Signal Score
37%
Confidence
7
Reports
First seenDec 24, 2025
Last seenMay 20, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS216071
OrgServers Tech Fzco
Coords52.3676, 4.9041
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 146.103.121.0 - 146.103.121.255 netname: VDSINA country: NL geoloc: 52.309711 4.935438 descr: Amsterdam, Netherlands geofeed: https://vdsina.com/geofeed_as216071.csv org: ORG-STF2-RIPE admin-c: SK15998-RIPE tech-c: SK15998-RIPE status: LEGACY mnt-by: vdsina-mnt created: 2025-04-08T16:40:46Z last-modified: 2025-04-08T16:40:46Z source: RIPE organisation: ORG-STF2-RIPE org-name: SERVERS TECH FZCO country: AE org-type: LIR address: Ifza Business Park DDP, Building 1, office number 36298-001 address: 336469 address: Dubai address: UNITED ARAB EMIRATES phone: +971524526969 admin-c: SK15998-RIPE tech-c: SK15998-RIPE abuse-c: AR72995-RIPE mnt-by: RIPE-NCC-HM-MNT mnt-by: servers-tech-mnt created: 2023-10-25T09:55:19Z last-modified: 2025-11-07T08:22:27Z source: RIPE # Filtered mnt-ref: servers-tech-mnt role: SERVERS TECH FZCO address: UNITED ARAB EMIRATES address: Dubai address: 336469 address: Ifza Business Park DDP, Building 1, office number 36298-001 nic-hdl: SK15998-RIPE mnt-by: lir-ae-servers-tech-1-MNT created: 2023-10-25T09:55:18Z last-modified: 2024-07-10T12:05:37Z source: RIPE # Filtered route: 146.103.121.0/24 origin: AS216071 mnt-by: servers-tech-mnt created: 2025-05-19T08:30:48Z last-modified: 2025-05-19T08:30:48Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 months ago · Last seen 1 month ago
Appeared in 7 threat reports