IOC Radar
IP · High · Verified · Signal 53/100

11.0.2.219

Location
United States
Columbus, Ohio
ASN
AS749
DoD Network Information Center
First Seen
Apr 17, 2026
Last Seen
Apr 23, 2026
Apr 17
First Seen
58d ago
Apr 23
Last Seen
52d ago
4
Reports
source reports
53%
Confidence
high
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
53%
Signal Score
53 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

8 techniques

Network Information

Country: US (United States)
Region: Columbus, Ohio
ASN: AS749
Organization: DoD Network Information Center

Feed Intelligence Summary

4 reports · 53% confidence
4
Source reports
53%
Confidence score
Category tags
aslr, attack network, basic, calls process, code, command line, extra info, files, files c, full path, guest system, indicator, info processes, intel, ms windows, mutexes nothing, network, next, north america, parent pid, pe file, pe32 executable, read registry, reaqta, registry keys, researched, t1018, t1056, t1071, t1082, t1095, t1105, t1497, t1518, ultimate file, united states, urls, utc8 network, windows sandbox, zenbox verdict

Activity Timeline

1 total obs
Apr 23

Threat Activity Heatmap

Peak: 2026-04-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 53
Confidence: 53%
Reports: 4
First seen: Apr 17, 2026
Last seen: Apr 23, 2026
Verified IOC
Geolocation: US
Country: United States
Location: Columbus, Ohio
ASN: AS749
Org: DoD Network Information Center
Coords: 39.9819, -82.9048

VirusTotal

Not checked

WHOIS

description
CC=US ASN=AS749 dod network information center
raw
NetRange: 11.0.0.0 - 11.255.255.255
CIDR: 11.0.0.0/8
NetName: DODIIS
NetHandle: NET-11-0-0-0-2
Parent: DODIIS (NET-11-0-0-0-1)
NetType: Reallocated
OriginAS:
Organization: DoD Network Information Center (DNIC)
RegDate: 2025-08-27
Updated: 2025-08-27
Ref: https://rdap.arin.net/registry/ip/11.0.0.0

OrgName: DoD Network Information Center
OrgId: DNIC
Address: 3990 E. Broad Street
City: Columbus
StateProv: OH
PostalCode: 43218
Country: US
RegDate:
Updated: 2025-03-13
Ref: https://rdap.arin.net/registry/entity/DNIC

OrgAbuseHandle: REGIS10-ARIN
OrgAbuseName: Registration
OrgAbusePhone: +1-844-347-2457
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/REGIS10-ARIN

OrgTechHandle: MIL-HSTMST-ARIN
OrgTechName: Network DoD
OrgTechPhone: +1-844-347-2457
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/MIL-HSTMST-ARIN

OrgTechHandle: REGIS10-ARIN
OrgTechName: Registration
OrgTechPhone: +1-844-347-2457
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/REGIS10-ARIN

IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 4 threat reports