IOC Radar
IP · Medium · Signal 90/100

141.138.110.151

Location: Ukraine (Vinnytsia, Vinnytska oblast)
ASN: AS49223 (Everest Broadcasting Company Ltd)
First Seen: Jan 19, 2025 (513d ago)
Last Seen: Mar 19, 2026 (89d ago)
Reports: 8 source reports
Confidence: 90% (medium)
VirusTotal: 3/91 detections
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 90%
Signal Score: 90 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs: 27 techniques

Network Information

Country: UA (Ukraine)
Region: Vinnytsia, Vinnytska oblast
ASN: AS49223
Organization: Everest Broadcasting Company Ltd

Feed Intelligence Summary

Source reports: 8
Confidence score: 90%
Category tags: abuse, access control, active scanning, botnet, brute force, brute force attempt, command and control, communication protocol, credential access, credential harvesting, data exfiltration, ddos attacks, decoy system, distributed attacks, europe, indicator, infrastructure acquisitionreconnaissance, internet of things, intrusion detection, ioc, iot botnet, iot/ics attack, malicious network activity, malicious software, malware, manual, mirai botnet, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, phishing attack, process injection, protocol exploitation, reconnaissance, researched, scan, scanner, security policy, social engineering, t1021.002, t1040, t1046, t1055, t1056.001, t1059.001, t1071.001, t1078, t1110, t1110.002, t1133, t1190, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1587.001, t1590.001, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telnet threat, threat intelligence, threat prevention, ukraine

Activity Timeline

1 total obs · Mar 19 to Mar 19

Threat Activity Heatmap

[Figure: activity heatmap by weekday, Jun to Jun. Peak: 2026-03-19]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Threat Score: High Risk
Signal Score: 90
Confidence: 90%
Reports: 8
First seen: Jan 19, 2025
Last seen: Mar 19, 2026
Geolocation: UA
Country: Ukraine
Location: Vinnytsia, Vinnytska oblast
ASN: AS49223
Org: Everest Broadcasting Company Ltd
Coords: 49.2288, 28.4720

VirusTotal

3/91 vendors flagged (3% detection rate) · Jun 10, 2026

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw

inetnum: 141.138.96.0 - 141.138.119.255
netname: UA-EVEREST-NET
descr: "Everest" Broadcasting Company Ltd
country: UA
admin-c: PAS666-RIPE
admin-c: DS162-RIPE
tech-c: PAS666-RIPE
tech-c: DS162-RIPE
status: ASSIGNED PA
mnt-by: EVEREST
created: 2011-06-30T14:18:40Z
last-modified: 2011-06-30T14:18:40Z
source: RIPE

person: Dmitry Semenov
address: "Everest" Broadcasting Company Ltd
address: 40-richchya Peremogi str., 6B
address: 21036, Vinnitsa
address: Ukraine
phone: +380 432 552544
fax-no: +380 432 552540
nic-hdl: DS162-RIPE
created: 1970-01-01T00:00:00Z
last-modified: 2015-12-11T07:28:06Z
source: RIPE # Filtered
mnt-by: EVEREST

person: Pasha Stepanenko
address: "Everest" Broadcasting Company Ltd
address: Danyla Halyts'koho str., 6B
address: 21036, Vinnitsa
address: Ukraine
phone: +380 432 552544
fax-no: +380 432 552540
nic-hdl: PAS666-RIPE
created: 2006-05-04T11:06:55Z
last-modified: 2022-05-13T09:25:18Z
source: RIPE # Filtered
mnt-by: EVEREST

route: 141.138.96.0/20
descr: Everest more spec Route
origin: AS49223
mnt-by: EVEREST
created: 2017-04-14T09:34:20Z
last-modified: 2017-04-14T09:34:20Z
source: RIPE

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 8 threat reports