IOC Radar
IP · Medium · Signal 85/100

88.210.63.2

Location: Amsterdam, North Holland, Netherlands
ASN: AS211736 (FOP Dmytro Nedilskyi)
First Seen: Aug 31, 2025 (283d ago)
Last Seen: Jun 10, 2026 (yesterday)
Reports: 6 source reports
Confidence: 85% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 85%
Signal Score: 85 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

49 techniques

Network Information

Country: NL (Netherlands)
Region: Amsterdam, North Holland
ASN: AS211736
Organization: FOP Dmytro Nedilskyi

IP Category

VPN
VPN exit node

Feed Intelligence Summary

Source reports: 6
Confidence score: 85%
Category tags
abuse, account discovery, account profiling, account takeover, active scan, active scanning, argentina, attack, automated attack, automated attacks, bad reputation, bad web bot, blog spam, botnet, botnet activity, brute force, brute force attack, brute-force, bruteforce, chile, cisco asa, cisco asa targeted, cisco asa targeting, cisco device, cisco targets, command and control, communication protocol, cowrie honeypot, credential access, credential compromise, credential guessing, credential harvesting, credential stuffing, data encryption, data exfiltration, data store exposure, ddos, decoy system, denial of service, device management, dionaea honeypot, distributed attacks, dmytro nedilskyi, e-rishennya, encryption, enterprise networking, europe, exploitation activity, exploitation attempts, exploited host, fdn3, ftp, ftp brute force, ftp protocol, hacking, honeytrap honeypot, http scanner, https, identity & access exploitation, indicator, information technology, initial access, initial access attempts, injection activity, internet wide scan, ipv4 address abuse, it infrastructure, jag, lamp, lamp stack targeting, lateral movement, linux targets, malicious activity, malicious software, malware, malware behaviour, malware capture, netherlands, network, network device, network device attacks, network infrastructure, network infrastructure attack, network infrastructure scanning, network probing, network protocol, network reconnaissance, network scan, network scanning, network security, network services, nl, north america, password attacks, password spraying, peru, phishing, phishing attack, possible credential stuffing, potential intrusions, potential lateral movement, process injection, protocol exploitation, rdp protocol, reconnaissance, remote access, remote service exploitation, remote services, researched, resource hijacking, scanner, scanning activity, security operations, sentrypeer botnet, seychelles, sftp access attempt, sftp attacks, sftp probing, sip scanning, smtp brute force, social engineering, software development, south america, spam, ssh attack, ssh attacks, ssh monitoring, ssh protocol, ssl vpn, t1003, t1021, t1021.001, t1021.002, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1071, t1071.001, t1076, t1077, t1078, t1078.001, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1547, t1563, t1565, t1566.001, t1566.002, t1566.003, t1567, t1583.003, t1583.006, t1584.004, t1588.001, t1590, t1590.005, t1592, t1595, t1595.001, t1595.002, t1595.003, tanner, telecommunications, telnet attacks, telnet threat, threat actor, threat detection, threat intelligence, tor node, ukraine, ukrainian networks, ukrainian threat actors, unauthorized access attempt, unauthorized access attempts, unauthorized login attempt, united states, unknown threat actor, vaiz, voip, voip attack, vpn, web app attack, web application attack, web application attacks, web exploitation, web server exploitation, web spam, web traffic

Activity Timeline

1 total obs (Jun 10)

Threat Activity Heatmap

[Heatmap: activity by weekday (Mon, Wed, Fri), Jun through Jun; scale Less to More]

Activity by window:
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: High Risk
Signal Score: 85
Confidence: 85%
Reports: 6
First seen: Aug 31, 2025
Last seen: Jun 10, 2026
Geolocation: NL
Country: Netherlands
Location: Amsterdam, North Holland
ASN: AS211736
Org: FOP Dmytro Nedilskyi
Coords: 52.3676, 4.9041
VPN

VirusTotal

Not checked

WHOIS

description: CC=RU ASN=AS25308 citylancom ltd

raw:

inetnum: 88.210.63.0 - 88.210.63.255
org: ORG-FDN3-RIPE
netname: ORG-FDN3-RIPE
country: NL
admin-c: DN4442-RIPE
tech-c: DN4442-RIPE
status: ASSIGNED PA
mnt-by: LocalNCC-mnt
created: 2025-06-13T07:46:00Z
last-modified: 2025-06-13T07:46:00Z
source: RIPE

organisation: ORG-FDN3-RIPE
org-name: FOP Dmytro Nedilskyi
country: UA
org-type: OTHER
descr: FOP Dmytro Nedilskyi
address: Ukraine, Dnipro, st. Odynkivska, build. 25
phone: +380635062303
admin-c: DN4442-RIPE
tech-c: DN4442-RIPE
abuse-c: AR62526-RIPE
mnt-by: FDN3-MNT
mnt-ref: FDN3-MNT
mnt-ref: ru-alexgroup-1-MNT
mnt-ref: LocalNCC-mnt
created: 2021-01-12T19:51:05Z
last-modified: 2025-06-12T12:19:10Z
source: RIPE # Filtered

person: Dmytro Nedilskyi
address: Ukraine, Dnipro, st. Odynkivska, build. 25
phone: +380635062303
nic-hdl: DN4442-RIPE
mnt-by: FDN3-MNT
created: 2021-01-12T19:50:29Z
last-modified: 2022-05-16T20:11:15Z
source: RIPE # Filtered

route: 88.210.63.0/24
origin: AS211736
mnt-by: LocalNCC-mnt
created: 2025-06-13T07:46:29Z
last-modified: 2025-06-13T07:46:29Z
source: RIPE

IOC Journey

medium
First detected 9 months ago · Last seen 1 day ago
Appeared in 6 threat reports