IOC Radar
IPMediumSignal 27/100

91.108.56.142

Location
NetherlandsNetherlands
Amsterdam, North Holland
ASN
AS62014
Telegram Messenger Network
First Seen
Feb 25, 2026
Last Seen
Feb 25, 2026
Feb 25
First Seen
106d ago
Feb 25
Last Seen
106d ago
2
Reports
source reports
27%
Confidence
medium
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

3 techniques

Network Information

CountryNLNetherlands
RegionAmsterdam, North Holland
ASNAS62014
OrganizationTelegram Messenger Network

Feed Intelligence Summary

2 reports27% confidence
2
Source reports
27%
Confidence score
Category tags
active scanactive scanningasiaeuropeindicatornetherlandsnetworkreconnaissanceresearchedscannersgsingaporet1595.001t1595.002t1595.003

Activity Timeline

1 total obs
Feb 25Feb 25

Threat Activity Heatmap

· Peak: 2026-02-25
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an IPv4 address, signals potential reconnaissance activity targeting our systems. Its elevated threat score and appearance in multiple reputable threat intelligence feeds suggest it is actively involved in hostile scanning behaviors. Such activities are often precursors to more significant attacks, including attempts at initial access, vulnerability exploitation, and potentially the deployment of malware. If left unaddressed, this could lead to unauthorized sy…

Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
2
Reports
First seenFeb 25, 2026
Last seenFeb 25, 2026
GeolocationNL
CountryNetherlands
LocationAmsterdam, North Holland
ASNAS62014
OrgTelegram Messenger Network
Coords52.3676, 4.9041

VirusTotal

Not checked

WHOIS

raw
inetnum: 91.108.56.0 - 91.108.59.255 netname: Telegram_Messenger_Network descr: Telegram Messenger Network country: NL admin-c: ND2624-RIPE geoloc: 1.3147 103.8454 tech-c: ND2624-RIPE abuse-c: TMI12-RIPE status: ASSIGNED PA mnt-by: MNT-TELEGRAM created: 2015-05-31T20:43:56Z last-modified: 2018-06-12T10:55:21Z source: RIPE person: Nikolai Durov address: P.O. Box 146, Road Town, Tortola, British Virgin Islands phone: +357 96 287319 nic-hdl: ND2624-RIPE mnt-by: MNT-TELEGRAM created: 2014-03-07T19:25:00Z last-modified: 2014-03-08T03:31:36Z source: RIPE route: 91.108.56.0/24 descr: Telegram_Messenger_Network origin: AS62014 mnt-by: MNT-TELEGRAM created: 2015-07-13T18:12:30Z last-modified: 2015-07-13T18:12:30Z source: RIPE route: 91.108.56.0/24 origin: AS62041 mnt-by: mnt-ag-globalnet-1 mnt-by: MNT-TELEGRAM created: 2023-08-06T18:13:00Z last-modified: 2023-08-06T18:13:00Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 months ago · Last seen 3 months ago
Appeared in 2 threat reports