IOC Radar
IPMediumSignal 0/100

213.152.162.170

Location
NetherlandsNetherlands
Alblasserdam, NH
ASN
AS49453
AirVPN.org exit server (Caph)
First Seen
Aug 28, 2020
Last Seen
May 24, 2026
Aug 28
First Seen
2114d ago
May 24
Last Seen
19d ago
2
Reports
source reports
0%
Confidence
medium
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
0%
Signal Score
0 / 100
IDS Rule
No
Threat Context
Tags

Network Information

CountryNLNetherlands
RegionAlblasserdam, NH
ASNAS49453
OrganizationAirVPN.org exit server (Caph)

Feed Intelligence Summary

2 reports0% confidence
2
Source reports
0%
Confidence score
Category tags
networkproxyresearched

Activity Timeline

1 total obs
May 24May 24

Threat Activity Heatmap

· Peak: 2026-05-24
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
0
SIGNAL
Signal Score
0%
Confidence
2
Reports
First seenAug 28, 2020
Last seenMay 24, 2026
GeolocationNL
CountryNetherlands
LocationAlblasserdam, NH
ASNAS49453
OrgAirVPN.org exit server (Caph)
Coords52.3891, 4.6563

VirusTotal

Not checked

WHOIS

raw
inetnum: 213.152.162.118 - 213.152.162.255 netname: GLOBALLAYER descr: Global Layer B.V. country: NL descr: **************************************************** descr: For abuse, please e-mail only: [email protected] descr: Abuse messages will be handled within 24 hours time descr: **************************************************** admin-c: GL6540-RIPE tech-c: GL6540-RIPE status: ASSIGNED PA remarks: INFRA-AW mnt-by: GLOBALLAYER created: 2015-06-20T21:23:29Z last-modified: 2018-09-15T13:39:14Z source: RIPE # Filtered person: Global Layer address: Postbus 190 address: 2950AD Alblasserdam address: Netherlands phone: +31 78 20 20 228 nic-hdl: GL6540-RIPE mnt-by: GLOBALLAYER created: 2011-08-04T20:36:25Z last-modified: 2024-06-27T09:18:45Z source: RIPE # Filtered route: 213.152.162.0/24 descr: Global Layer network origin: AS49453 mnt-by: GLOBALLAYER created: 2016-08-11T11:27:53Z last-modified: 2016-08-11T11:27:53Z source: RIPE
references
https://x.com/SarlackLab/status/2016662646750138850, https://x.com/SarlackLab/status/2016662765927018753, https://x.com/SarlackLab/status/2016813644403613757, https://x.com/SarlackLab/status/2016828792531022187, https://x.com/SarlackLab/status/2016944171970404637, https://x.com/SarlackLab/status/2016979737340493980, https://analytics.dugganusa.com/api/v1/stix-feed/v2, https://threatfox.abuse.ch, https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://feeds.dshield.org/feeds/topips.txt, https://feeds.dshield.org/feeds/top10.txt, https://feeds.dshield.org/feeds/block.txt, https://sslbl.abuse.ch/blacklist/sslipblacklist_aggressive.rules, Bruteforce.pdf

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 19 days ago
Appeared in 2 threat reports