IOC Radar
IP · Medium · Signal 72/100

37.57.38.129

Location: Ukraine, Poltava, 53
ASN: AS13188 (Triolan)
First Seen: Apr 15, 2025 (428d ago)
Last Seen: Feb 15, 2026 (121d ago)
Reports: 9 source reports
Confidence: 72% (medium)
VirusTotal: 1/91 detections
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 72%
Signal Score: 72 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

29 techniques

Network Information

Country: Ukraine (UA)
Region: Poltava, 53
ASN: AS13188
Organization: Triolan

Feed Intelligence Summary

Source reports: 9
Confidence score: 72%
Category tags: abuse, active scanning, botnet, brute force, brute force attack, command and control, credential access, credential stuffing, data exfiltration, ddos, ddos attacks, denial of service, distributed attacks, europe, exploit attempts, exploited host, ftp brute force, hacking, http brute force, indicator, internet of things, iot botnet, iot/ics attack, lateral movement, malicious software, malware, malware propagation, malware scanning, mirai botnet, network, network probing, network scanning, password attacks, process injection, reconnaissance, remote access, remote services, researched, scanner, smtp brute force, sql injection attempts, ssh attack, t1021, t1021.001, t1046, t1055, t1059, t1071.001, t1076, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1187, t1190, t1199, t1210, t1486, t1496, t1499.002, t1499.003, t1563, t1565, t1588, t1595, t1595.001, t1595.002, t1595.003, ukraine

Activity Timeline

1 total obs (timeline spans Feb 15 to Feb 15)

Threat Activity Heatmap

Peak: 2026-02-15
Recent activity: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)
Threat Score: 72 (High Risk)
Coords: 49.5894, 34.5504

VirusTotal

1/91 vendors flagged
1% detection rate · Jun 8, 2026

WHOIS

inetnum: 37.57.38.0 - 37.57.38.255
netname: TRIOLAN
country: UA
admin-c: OVY5-RIPE
admin-c: YT1496-RIPE
tech-c: OVY5-RIPE
tech-c: YT1496-RIPE
status: ASSIGNED PA
mnt-by: TRIOLANMNT
mnt-by: SALTOVKAMNT
mnt-domains: TRIOLANMNT
mnt-domains: SALTOVKAMNT
mnt-routes: TRIOLANMNT
mnt-routes: SALTOVKAMNT
created: 2016-10-19T12:15:20Z
last-modified: 2019-07-18T13:42:32Z
source: RIPE

person: Oleksii V Yaroshenko
address: Prirechnaya, 25a
address: Kiev
address: Ukraine
phone: +38 097-437-27-17
nic-hdl: OVY5-RIPE
mnt-by: TRIOLANMNT
created: 2016-08-30T12:25:29Z
last-modified: 2024-12-05T20:58:21Z
source: RIPE # Filtered

person: Yevhen Tiraian
address: Prirechnaya 25a
address: Kyiv
address: Ukraine
phone: +380508420491
address: [email protected]
nic-hdl: YT1496-RIPE
mnt-by: SALTOVKAMNT
created: 2016-10-12T08:30:14Z
last-modified: 2017-10-30T23:26:24Z
source: RIPE

route: 37.57.38.0/24
descr: Triolan, Poltava
origin: AS13188
mnt-by: TRIOLANMNT
mnt-by: SALTOVKAMNT
created: 2016-10-19T12:57:38Z
last-modified: 2019-07-22T08:16:31Z
source: RIPE


IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 9 threat reports