IOC Radar
IP · Medium · Signal 37/100

45.148.10.81

Location: Netherlands (Amsterdam, Andorra la Vella)
ASN: AS48090 (Techoff SRV Limited)
First Seen: Aug 26, 2020 (2131d ago)
Last Seen: Jun 18, 2026 (9d ago)
Reports: 31 source reports
Confidence: 37% (medium)
Found in 31 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 37%
Signal Score: 37 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

64 techniques

Network Information

Country: NL (Netherlands)
Region: Amsterdam, Andorra la Vella
ASN: AS48090
Organization: Techoff SRV Limited

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 31
Confidence score: 37%
Category tags

Activity Timeline

1 total obs (Jun 18 to Jun 18)

Threat Activity Heatmap

[Heatmap: activity by week, Jun through Jun; peak 2026-06-18]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 37
Confidence: 37%
Reports: 31
First seen: Aug 26, 2020
Last seen: Jun 18, 2026
Geolocation: NL
Country: Netherlands
Location: Amsterdam, Andorra la Vella
ASN: AS48090
Org: Techoff SRV Limited
Coords: 42.5063, 1.5218
Proxy

VirusTotal

Not checked

WHOIS

description
Email related brute force IOCs collected mainly from hosts located in Finland
raw
inetnum: 45.148.10.0 - 45.148.10.255
org: ORG-TSL73-RIPE
mnt-domains: TECHOFF-MNT
mnt-domains: TECHOFF-MNT
netname: DMZHOST
descr:
country: AD
admin-c: AD18161-RIPE
tech-c: AD18161-RIPE
status: ASSIGNED PA
mnt-by: TECHOFF-MNT
created: 2019-09-02T15:08:45Z
last-modified: 2024-11-21T09:43:56Z
source: RIPE

organisation: ORG-TSL73-RIPE
org-name: TECHOFF SRV LIMITED
country: GB
org-type: OTHER
address: 35 Firs Avenue, London N11 3NE
abuse-c: AD18161-RIPE
mnt-ref: TECHOFF-MNT
mnt-ref: MNT-NETERRA
mnt-by: TECHOFF-MNT
created: 2024-11-20T13:01:40Z
last-modified: 2024-11-26T15:22:33Z
source: RIPE # Filtered

role: ABUSE DEP
address: 35 Firs Avenue, London N11 3NE
abuse-mailbox: [email protected]
nic-hdl: AD18161-RIPE
mnt-by: TECHOFF-MNT
created: 2024-11-20T13:00:28Z
last-modified: 2024-11-21T09:45:52Z
source: RIPE # Filtered

route: 45.148.10.0/24
origin: AS48090
mnt-by: TECHOFF-MNT
created: 2019-09-05T14:32:45Z
last-modified: 2024-11-21T09:44:13Z
source: RIPE
references
https://www.virustotal.com/gui/collection/789999053bd7022e2d79a887a5f959be573ce57d6c4f3165503438fbd5dd9ad5/graph, ip.src.txt, https://s3.i02.estaleiro.serpro.gov.br/blocklist/blocklist.txt

IOC Journey

medium
First detected 5 years ago · Last seen 9 days ago
Appeared in 31 threat reports