IOC Radar
IP · Medium · Signal 100/100

45.148.120.23

Location: Amsterdam, North Holland, The Netherlands
ASN: AS62068 (SpectraIP B.V.)
First Seen: Oct 11, 2023 (988d ago)
Last Seen: May 7, 2026 (49d ago)
Reports: 14 source reports
Confidence: 99% (medium)
Found in 14 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

48 techniques

Network Information

Country: NL (The Netherlands)
Region: Amsterdam, North Holland
ASN: AS62068
Organization: SpectraIP B.V.

Feed Intelligence Summary

Source reports: 14
Confidence score: 99%
Category tags
abuse; abusech-urlhaus-c2c; active scan; active scanning; alienvault_ransomware; apk; apt; apt group; arc; arkanixstealer; arm; ascii; asia; australia; automotive manufacturing; backdoor; bad reputation; banker; botnet; botnet activity; botnetdomain; brat; brute force; brute force attack; brute force attempts; brute-force; c2; censys; civil services; close; cobalt; cobalt strike; cobalt strike stager; cobaltstrike; cobaltstrike framework; code injection; coinminer; command & control; command and control; command execution; communication protocol; cowrie honeypot; credential access; credential harvesting; credential stuffing; cryptocurrency; cyber threats; darkvisionrat; data encryption; data exfiltration; data store exposure; database attack; ddos; ddos attacks; ddosagent; decoy system; dionaea honeypot; distributed attacks; dll sideloading; downloader; dropped; dropped-by-amadey; dropped-by-stealc; electronics manufacturing; elf; encryption; europe; exe; executable file; exploit; exploitation activity; exploitation attempts; extortion; failed login attempts; fatt; file; finance; financial services; ftp; ftp brute force; gafgyt; germany; government technology; grayling; hacking; hajime; havoc; havoc framework; hijackloader; honeytrap honeypot; hotspot; http brute force; http scanner; identity & access exploitation; indicator; indonesia; industrial automation; industrial iot; industrial production; information technology; infostealer; infrastructure acquisitionreconnaissance; ingress tool transfer; injection activity; internet of things; intrusion detection; ioc; iot botnet; iot security; iot/ics attack; it biomedical; it infrastructure; japan; kepavll; kill; lateral movement; loader; m68k; mailoney honeypot; main; malgent; malicious activity; malicious file; malicious ip addresses; malicious powershell activity; malicious software; malware; malware behaviour; malware capture; mamba ransomware; mamont; manual; manufacturing technology; min read; mips; mirai botnet; mobile threat; mozi; mozi botnet; msi; netherlands; netspy; network; network infection; network intrusion; network intrusion attempts; network probing; network reconnaissance; network scanning; network security; network traffic analysis; nl; object; oceania; opendir; p0f; pacific islands; password attack; password attacks; phishing; phishing attack; phishing trap; powerpc; process injection; process manufacturing; protect; protocol exploitation; ps1; public administration; public infrastructure; public policy; purelogsstealer; qakbot; quality control; quasarrat; ransomware; reconnaissance; redlinestealer; regulatory agencies; remote access; remote services; researched; resource hijacking; sabsik; saint helena, ascension and tristan da cunha; salatstealer; sbiedll_hook; scams & fraud; scanner; scanning activity; script; scripting attacks; security operations; sensor-tagged; sentrypeer botnet; sha values; smartloader; smtp; smtp brute force; social engineering; software development; sparc; ssh attack; ssh monitoring; sshdkit; stealc; strong; superh; supply chain attack; supply chain management; syn scan; system disruption; t-pot; t1021; t1021.001; t1027; t1040; t1046; t1053.005; t1055; t1059; t1059.001; t1059.004; t1059.007; t1071; t1071.001; t1076; t1078; t1086; t1105; t1110; t1110.001; t1110.002; t1110.003; t1110.004; t1133; t1189; t1190; t1203; t1204; t1204.001; t1204.002; t1486; t1490; t1496; t1499.001; t1499.002; t1499.003; t1563; t1565; t1566; t1566.001; t1566.002; t1566.003; t1569.002; t1587.001; t1590.001; t1595; t1595.001; t1595.002; t1595.003; taiwan; tanner; targeting database; tcp scan; team; telnet threat; threat actor; threat detection; threat intelligence; tor node; tpot; trojan malware; ua-powershell; ua-wget; udp scan; united states; urlhaus feed; vidar; voip attack; vulnerability scan; web attack; web exploitation; web traffic; x86; x86-64; xml; zip; zobpx

Activity Timeline

1 total obs
May 7

Threat Activity Heatmap

Peak: 2026-05-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 14
First seen: Oct 11, 2023
Last seen: May 7, 2026
Geolocation: NL
Country: The Netherlands
Location: Amsterdam, North Holland
ASN: AS62068
Org: SpectraIP B.V.
Coords: 52.3676, 4.9041

VirusTotal

Not checked

WHOIS

inetnum: 45.148.120.0 - 45.148.120.255
netname: NL-SPECTRAIP
descr: SpectraIP B.V.
geoloc: 52.3702 4.8952
country: NL
admin-c: SA35974-RIPE
tech-c: SA35974-RIPE
status: ASSIGNED PA
mnt-by: AS62068-MNT
created: 2025-01-16T21:42:32Z
last-modified: 2025-09-11T06:41:06Z
source: RIPE

role: SpectraIP B.V.
address: Bruynvisweg 11
address: 1531AX
address: Wormer
address: NETHERLANDS
org: ORG-SB523-RIPE
nic-hdl: SA35974-RIPE
mnt-by: SPECTRAIP-MNT
created: 2015-12-01T00:12:31Z
last-modified: 2021-11-10T12:38:14Z
source: RIPE # Filtered
abuse-mailbox: [email protected]

route: 45.148.120.0/24
descr: SpectraIP B.V.
origin: AS62068
mnt-by: SPECTRAIP-MNT
created: 2025-09-11T06:38:56Z
last-modified: 2025-09-11T06:38:56Z
source: RIPE

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 14 threat reports