IOC Radar
IPHighVerifiedSignal 46/100

185.28.37.211

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS213035
Des Capital B.V
First Seen
Jul 6, 2023
Last Seen
May 27, 2026
Jul 6
First Seen
1074d ago
May 27
Last Seen
17d ago
5
Reports
source reports
46%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

8 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS213035
OrganizationDes Capital B.V

Feed Intelligence Summary

5 reports46% confidence
5
Source reports
46%
Confidence score
Category tags
active scanaslrattack networkbasiccalls processcodecommand lineddosddos attackeuropeextra infofilesfiles cfull pathguest systemindicatorinfo processesintelms windowsmutexes nothingnetherlandsnetworknextnlparent pidpe filepe32 executableread registryreaqtaregistry keysresearchedscannert1018t1056t1071t1082t1095t1105t1497t1518ultimate fileurlsutc8 networkwindows sandboxzenbox verdict

Activity Timeline

1 total obs
May 27May 27

Threat Activity Heatmap

· Peak: 2026-05-27
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
46
SIGNAL
Signal Score
46%
Confidence
5
Reports
First seenJul 6, 2023
Last seenMay 27, 2026
Verified IOC
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS213035
OrgDes Capital B.V
Coords52.3640, 4.8913

VirusTotal

Not checked

WHOIS

description
CC=NL ASN=AS213035 des capital b.v.
raw
inetnum: 185.28.36.0 - 185.28.39.255 netname: NL-DESCAPITAL-20130610 country: NL geofeed: https://geo.serverion.com/geofeed.csv org: ORG-DCB8-RIPE admin-c: AA35882-RIPE tech-c: TA7409-RIPE status: ALLOCATED PA mnt-by: mnt-nl-descapital-1 mnt-by: RIPE-NCC-HM-MNT created: 2022-08-23T09:14:01Z last-modified: 2023-08-03T08:37:27Z source: RIPE mnt-routes: mnt-nl-descapital-1 mnt-lower: mnt-nl-descapital-1 organisation: ORG-DCB8-RIPE org-name: Des Capital B.V. country: NL org-type: LIR address: Krammer 8 address: 3232HE address: Brielle address: NETHERLANDS phone: +13022619516 phone: +31850047887 admin-c: AA35882-RIPE tech-c: TA7409-RIPE abuse-c: AR60082-RIPE mnt-ref: mnt-nl-descapital-1 mnt-ref: RELCOMGROUP-EXT-MNT mnt-ref: FREENET-MNT mnt-ref: MNT-NETERRA mnt-ref: MNT-MAYAK mnt-ref: bg-mcreative-1-mnt mnt-ref: mnt-bg-mconsulting15-1 mnt-ref: bg-mconsulting-1-mnt mnt-ref: MNT-MCONSULTING mnt-ref: mnt-bg-ccomp-1 mnt-by: RIPE-NCC-HM-MNT mnt-by: mnt-nl-descapital-1 created: 2020-03-17T15:00:52Z last-modified: 2024-08-07T05:06:02Z source: RIPE # Filtered mnt-ref: AZERONLINE-MNT mnt-ref: interlir-mnt role: Des Capital B.V. address: Krammer 8 address: 3232HE address: Brielle address: NETHERLANDS phone: +31851308338 nic-hdl: AA35882-RIPE mnt-by: mnt-nl-descapital-1 created: 2020-03-17T15:00:51Z last-modified: 2020-03-17T15:19:36Z source: RIPE # Filtered role: D.P. van der Winden address: Krammer 8 address: 3232HE address: Brielle address: NETHERLANDS phone: +31851308338 nic-hdl: TA7409-RIPE mnt-by: mnt-nl-descapital-1 created: 2020-03-17T15:00:51Z last-modified: 2020-03-17T15:20:31Z source: RIPE # Filtered route: 185.28.37.0/24 origin: AS213035 mnt-by: mnt-nl-descapital-1 mnt-by: mnt-com-serverion created: 2020-10-13T16:56:49Z last-modified: 2020-10-13T16:56:49Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 2 years ago · Last seen 17 days ago
Appeared in 5 threat reports