IOC Radar
IP · Medium · Signal 78/100

88.151.32.216

Location: Dronten, Flevoland, Netherlands
ASN: AS41608 (NextGenWebs)
First Seen: Apr 15, 2026 (60d ago)
Last Seen: Jun 2, 2026 (12d ago)
Reports: 13 source reports
Confidence: 78% (medium)
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
Type: IPv4 Address (network layer indicator observed in threat reports)
MISP Category: Network Activity
Confidence: 78%
Signal Score: 78 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

7 techniques

Network Information

Country: Netherlands (NL)
Region: Dronten, Flevoland
ASN: AS41608
Organization: NextGenWebs

Feed Intelligence Summary

Source reports: 13
Confidence score: 78%
Category tags: abuse, active scan, active scanning, apache, apache attacker, apt, bad reputation, bad web bot, banner-grabbing, blocklist, blog spam, botnet activity, brute force, brute force attack, brute-force, bruteforce, community-shared, credential access, credential stuffing, ddos, ddos attack, europe, exploitation activity, exploited host, fraud orders, ftp brute-force, hacking, identity & access exploitation, indicator, injection activity, malware, netherlands, network, nl, password attacks, reconnaissance, researched, scams & fraud, scanner, spam, sql injection, ssh, t1110.001, t1110.002, t1110.003, t1110.004, t1595.001, t1595.002, t1595.003, targeting database, threat actor, tor node, web app attack, web spam

Activity Timeline

1 total obs
Jun 2 to Jun 2

Threat Activity Heatmap

Peak: 2026-06-02
[Heatmap: activity by weekday, Jun through Jun, shaded from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address, signals an immediate and significant threat to organizational security, primarily associated with active reconnaissance and credential compromise attempts. Its high threat score of 77.69 and widespread listing across multiple reputable threat intelligence feeds underscore its persistent malicious nature. If this IP address is found to be communicating with internal systems, it indicates that an adversary may be actively attempting to gain unau…

Threat Score: High Risk
Signal Score: 78
Confidence: 78%
Reports: 13
First seen: Apr 15, 2026
Last seen: Jun 2, 2026
Geolocation: NL
Country: Netherlands
Location: Dronten, Flevoland
ASN: AS41608
Org: NextGenWebs
Coords: 52.5347, 5.7218

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 88.151.32.0 - 88.151.32.255
netname: NextGenWebs-NL
geoloc: 52.543836030837475 5.705273002423745
country: NL
admin-c: GL10464-RIPE
tech-c: GL10464-RIPE
status: SUB-ALLOCATED PA
mnt-by: es-nextgenwebs-1-mnt
created: 2023-11-25T17:39:57Z
last-modified: 2023-11-25T17:39:57Z
source: RIPE

person: Gerardus Leerentveld
address: Plaza Gerardo Salvador 1, Oficina 17
address: 46182
address: Paterna
address: SPAIN
phone: +34960000000
nic-hdl: GL10464-RIPE
mnt-by: es-nextgenwebs-1-mnt
created: 2017-07-18T07:58:48Z
last-modified: 2017-07-20T15:08:39Z
source: RIPE

route: 88.151.32.0/22
origin: AS41608
mnt-by: es-nextgenwebs-1-mnt
created: 2023-03-30T18:57:18Z
last-modified: 2023-03-30T18:57:18Z
source: RIPE

IOC Journey

medium
First detected 2 months ago · Last seen 12 days ago
Appeared in 13 threat reports